kumquat-buildroot/package/polarssl/0003-fix-CVE-2015-1182.patch

Fix CVE-2015-1182 - Remote attack using crafted certificates.
Patch status: from upstream see:
https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

diff --git a/library/asn1parse.c b/library/asn1parse.c
index a3a2b56..e2117bf 100644
--- a/library/asn1parse.c
+++ b/library/asn1parse.c
@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char **p,
             if( cur->next == NULL )
                 return( POLARSSL_ERR_ASN1_MALLOC_FAILED );

+            memset( cur->next, 0, sizeof( asn1_sequence ) );
+
             cur = cur->next;
         }
     }
polarssl: add fix for CVE-2015-1182 Fixes CVE-2015-1182 - Remote attack using crafted certificates. Also rename patches to new naming convention. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2015-01-26 21:29:17 +01:00			`Fix CVE-2015-1182 - Remote attack using crafted certificates.`
			`Patch status: from upstream see:`
			`https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04`

			`Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>`

			`diff --git a/library/asn1parse.c b/library/asn1parse.c`
			`index a3a2b56..e2117bf 100644`
			`--- a/library/asn1parse.c`
			`+++ b/library/asn1parse.c`
			`@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char **p,`
			`if( cur->next == NULL )`
			`return( POLARSSL_ERR_ASN1_MALLOC_FAILED );`

			`+ memset( cur->next, 0, sizeof( asn1_sequence ) );`
			`+`
			`cur = cur->next;`
			`}`
			`}`