wok-stable annotate gnutls/stuff/CVE-2014-0092.u @ rev 12431

gnutls: CVE-2014-0092 fix
author Pascal Bellard <pascal.bellard@slitaz.org>
date Mon Mar 10 15:55:29 2014 +0000 (2014-03-10)
parents
children
rev   line source
pascal@12431 1 From 6aa26f78150ccbdf0aec1878a41c17c41d358a3b Mon Sep 17 00:00:00 2001
pascal@12431 2 From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
pascal@12431 3 Date: Thu, 27 Feb 2014 19:42:26 +0100
pascal@12431 4 Subject: [PATCH] corrected return codes
pascal@12431 5
pascal@12431 6 ---
pascal@12431 7 lib/x509/verify.c | 16 ++++++++++------
pascal@12431 8 1 files changed, 10 insertions(+), 6 deletions(-)
pascal@12431 9
pascal@12431 10 diff --git a/lib/x509/verify.c b/lib/x509/verify.c
pascal@12431 11 index c9a6b0d..eef85a8 100644
pascal@12431 12 --- a/lib/x509/verify.c
pascal@12431 13 +++ b/lib/x509/verify.c
pascal@12431 14 @@ -141,7 +141,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
pascal@12431 15 if (result < 0)
pascal@12431 16 {
pascal@12431 17 gnutls_assert ();
pascal@12431 18 - goto cleanup;
pascal@12431 19 + goto fail;
pascal@12431 20 }
pascal@12431 21
pascal@12431 22 result =
pascal@12431 23 @@ -150,7 +150,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
pascal@12431 24 if (result < 0)
pascal@12431 25 {
pascal@12431 26 gnutls_assert ();
pascal@12431 27 - goto cleanup;
pascal@12431 28 + goto fail;
pascal@12431 29 }
pascal@12431 30
pascal@12431 31 result =
pascal@12431 32 @@ -158,7 +158,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
pascal@12431 33 if (result < 0)
pascal@12431 34 {
pascal@12431 35 gnutls_assert ();
pascal@12431 36 - goto cleanup;
pascal@12431 37 + goto fail;
pascal@12431 38 }
pascal@12431 39
pascal@12431 40 result =
pascal@12431 41 @@ -166,7 +166,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
pascal@12431 42 if (result < 0)
pascal@12431 43 {
pascal@12431 44 gnutls_assert ();
pascal@12431 45 - goto cleanup;
pascal@12431 46 + goto fail;
pascal@12431 47 }
pascal@12431 48
pascal@12431 49 /* If the subject certificate is the same as the issuer
pascal@12431 50 @@ -206,6 +206,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
pascal@12431 51 else
pascal@12431 52 gnutls_assert ();
pascal@12431 53
pascal@12431 54 +fail:
pascal@12431 55 result = 0;
pascal@12431 56
pascal@12431 57 cleanup:
pascal@12431 58 @@ -330,7 +331,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
pascal@12431 59 gnutls_datum_t cert_signed_data = { NULL, 0 };
pascal@12431 60 gnutls_datum_t cert_signature = { NULL, 0 };
pascal@12431 61 gnutls_x509_crt_t issuer = NULL;
pascal@12431 62 - int issuer_version, result;
pascal@12431 63 + int issuer_version, result = 0;
pascal@12431 64
pascal@12431 65 if (output)
pascal@12431 66 *output = 0;
pascal@12431 67 @@ -363,7 +364,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
pascal@12431 68 if (issuer_version < 0)
pascal@12431 69 {
pascal@12431 70 gnutls_assert ();
pascal@12431 71 - return issuer_version;
pascal@12431 72 + return 0;
pascal@12431 73 }
pascal@12431 74
pascal@12431 75 if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) &&
pascal@12431 76 @@ -385,6 +386,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
pascal@12431 77 if (result < 0)
pascal@12431 78 {
pascal@12431 79 gnutls_assert ();
pascal@12431 80 + result = 0;
pascal@12431 81 goto cleanup;
pascal@12431 82 }
pascal@12431 83
pascal@12431 84 @@ -393,6 +395,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
pascal@12431 85 if (result < 0)
pascal@12431 86 {
pascal@12431 87 gnutls_assert ();
pascal@12431 88 + result = 0;
pascal@12431 89 goto cleanup;
pascal@12431 90 }
pascal@12431 91
pascal@12431 92 @@ -410,6 +413,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
pascal@12431 93 else if (result < 0)
pascal@12431 94 {
pascal@12431 95 gnutls_assert();
pascal@12431 96 + result = 0;
pascal@12431 97 goto cleanup;
pascal@12431 98 }
pascal@12431 99
pascal@12431 100 --
pascal@12431 101 1.7.1
pascal@12431 102