diff options
Diffstat (limited to 'security/openssl/patches/patch-ao')
-rw-r--r-- | security/openssl/patches/patch-ao | 54 |
1 files changed, 44 insertions, 10 deletions
diff --git a/security/openssl/patches/patch-ao b/security/openssl/patches/patch-ao index 0b53ba7001a..957a0e527d6 100644 --- a/security/openssl/patches/patch-ao +++ b/security/openssl/patches/patch-ao @@ -1,15 +1,49 @@ -$NetBSD: patch-ao,v 1.1 2006/09/30 04:20:24 taca Exp $ +$NetBSD: patch-ao,v 1.1.10.1 2007/10/22 08:47:23 ghen Exp $ -# http://secunia.com/advisories/22130/ +# CVE-2007-5135 ---- ssl/ssl_lib.c.orig 2005-06-11 05:00:39.000000000 +0900 +--- ssl/ssl_lib.c.orig 2005-06-10 21:00:39.000000000 +0100 +++ ssl/ssl_lib.c -@@ -1187,7 +1187,7 @@ char *SSL_get_shared_ciphers(const SSL * +@@ -1169,7 +1169,6 @@ int SSL_set_cipher_list(SSL *s,const cha + char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len) + { + char *p; +- const char *cp; + STACK_OF(SSL_CIPHER) *sk; + SSL_CIPHER *c; + int i; +@@ -1182,20 +1181,21 @@ char *SSL_get_shared_ciphers(const SSL * + sk=s->session->ciphers; + for (i=0; i<sk_SSL_CIPHER_num(sk); i++) + { +- /* Decrement for either the ':' or a '\0' */ +- len--; ++ int n; ++ c=sk_SSL_CIPHER_value(sk,i); - for (cp=c->name; *cp; ) - { +- for (cp=c->name; *cp; ) +- { - if (len-- == 0) -+ if (len-- <= 0) - { - *p='\0'; - return(buf); +- { +- *p='\0'; +- return(buf); +- } +- else +- *(p++)= *(cp++); +- } +- *(p++)=':'; ++ n=strlen(c->name); ++ if (n+1 > len) ++ { ++ if (p != buf) ++ --p; ++ *p='\0'; ++ return buf; ++ } ++ strcpy(p,c->name); ++ p+=n; ++ *(p++)=':'; ++ len-=n+1; + } + p[-1]='\0'; + return(buf); |