wok-stable diff gnutls/stuff/CVE-2014-0092.u @ rev 12431
gnutls: CVE-2014-0092 fix
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Mon Mar 10 15:55:29 2014 +0000 (2014-03-10) |
| parents | |
| children |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/gnutls/stuff/CVE-2014-0092.u Mon Mar 10 15:55:29 2014 +0000 1.3 @@ -0,0 +1,102 @@ 1.4 +From 6aa26f78150ccbdf0aec1878a41c17c41d358a3b Mon Sep 17 00:00:00 2001 1.5 +From: Nikos Mavrogiannopoulos <nmav@gnutls.org> 1.6 +Date: Thu, 27 Feb 2014 19:42:26 +0100 1.7 +Subject: [PATCH] corrected return codes 1.8 + 1.9 +--- 1.10 + lib/x509/verify.c | 16 ++++++++++------ 1.11 + 1 files changed, 10 insertions(+), 6 deletions(-) 1.12 + 1.13 +diff --git a/lib/x509/verify.c b/lib/x509/verify.c 1.14 +index c9a6b0d..eef85a8 100644 1.15 +--- a/lib/x509/verify.c 1.16 ++++ b/lib/x509/verify.c 1.17 +@@ -141,7 +141,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, 1.18 + if (result < 0) 1.19 + { 1.20 + gnutls_assert (); 1.21 +- goto cleanup; 1.22 ++ goto fail; 1.23 + } 1.24 + 1.25 + result = 1.26 +@@ -150,7 +150,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, 1.27 + if (result < 0) 1.28 + { 1.29 + gnutls_assert (); 1.30 +- goto cleanup; 1.31 ++ goto fail; 1.32 + } 1.33 + 1.34 + result = 1.35 +@@ -158,7 +158,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, 1.36 + if (result < 0) 1.37 + { 1.38 + gnutls_assert (); 1.39 +- goto cleanup; 1.40 ++ goto fail; 1.41 + } 1.42 + 1.43 + result = 1.44 +@@ -166,7 +166,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, 1.45 + if (result < 0) 1.46 + { 1.47 + gnutls_assert (); 1.48 +- goto cleanup; 1.49 ++ goto fail; 1.50 + } 1.51 + 1.52 + /* If the subject certificate is the same as the issuer 1.53 +@@ -206,6 +206,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, 1.54 + else 1.55 + gnutls_assert (); 1.56 + 1.57 ++fail: 1.58 + result = 0; 1.59 + 1.60 + cleanup: 1.61 +@@ -330,7 +331,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, 1.62 + gnutls_datum_t cert_signed_data = { NULL, 0 }; 1.63 + gnutls_datum_t cert_signature = { NULL, 0 }; 1.64 + gnutls_x509_crt_t issuer = NULL; 1.65 +- int issuer_version, result; 1.66 ++ int issuer_version, result = 0; 1.67 + 1.68 + if (output) 1.69 + *output = 0; 1.70 +@@ -363,7 +364,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, 1.71 + if (issuer_version < 0) 1.72 + { 1.73 + gnutls_assert (); 1.74 +- return issuer_version; 1.75 ++ return 0; 1.76 + } 1.77 + 1.78 + if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) && 1.79 +@@ -385,6 +386,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, 1.80 + if (result < 0) 1.81 + { 1.82 + gnutls_assert (); 1.83 ++ result = 0; 1.84 + goto cleanup; 1.85 + } 1.86 + 1.87 +@@ -393,6 +395,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, 1.88 + if (result < 0) 1.89 + { 1.90 + gnutls_assert (); 1.91 ++ result = 0; 1.92 + goto cleanup; 1.93 + } 1.94 + 1.95 +@@ -410,6 +413,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, 1.96 + else if (result < 0) 1.97 + { 1.98 + gnutls_assert(); 1.99 ++ result = 0; 1.100 + goto cleanup; 1.101 + } 1.102 + 1.103 +-- 1.104 +1.7.1 1.105 +