From f90822689891ca5150f71f8f0502d1877f10faa4 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Fri, 2 Aug 2002 18:48:55 +0000
Subject: Fix the ASN1 sanity check: correct header length calculation and
 check overflow against LONG_MAX.

---
 CHANGES | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'CHANGES')

diff --git a/CHANGES b/CHANGES
index 2908d32432..231986b27b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1895,6 +1895,12 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
 
  Changes between 0.9.6e and 0.9.6f  [XX xxx XXXX]
 
+  *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
+     and get fix the header length calculation.
+     [Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>,
+	Alon Kantor <alonk@checkpoint.com> (and others),
+	Steve Henson]
+
   *) Use proper error handling instead of 'assertions' in buffer
      overflow checks added in 0.9.6e.  This prevents DoS (the
      assertions could call abort()).
-- 
cgit v1.2.3