wok-current annotate gnutls/stuff/CVE-2014-0092.u @ rev 16053

gnutls: CVE-2014-0092 fix
author Pascal Bellard <pascal.bellard@slitaz.org>
date Mon Mar 10 15:55:04 2014 +0000 (2014-03-10)
parents
children
rev   line source
pascal@16053 1 From 6aa26f78150ccbdf0aec1878a41c17c41d358a3b Mon Sep 17 00:00:00 2001
pascal@16053 2 From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
pascal@16053 3 Date: Thu, 27 Feb 2014 19:42:26 +0100
pascal@16053 4 Subject: [PATCH] corrected return codes
pascal@16053 5
pascal@16053 6 ---
pascal@16053 7 lib/x509/verify.c | 16 ++++++++++------
pascal@16053 8 1 files changed, 10 insertions(+), 6 deletions(-)
pascal@16053 9
pascal@16053 10 diff --git a/lib/x509/verify.c b/lib/x509/verify.c
pascal@16053 11 index c9a6b0d..eef85a8 100644
pascal@16053 12 --- a/lib/x509/verify.c
pascal@16053 13 +++ b/lib/x509/verify.c
pascal@16053 14 @@ -141,7 +141,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
pascal@16053 15 if (result < 0)
pascal@16053 16 {
pascal@16053 17 gnutls_assert ();
pascal@16053 18 - goto cleanup;
pascal@16053 19 + goto fail;
pascal@16053 20 }
pascal@16053 21
pascal@16053 22 result =
pascal@16053 23 @@ -150,7 +150,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
pascal@16053 24 if (result < 0)
pascal@16053 25 {
pascal@16053 26 gnutls_assert ();
pascal@16053 27 - goto cleanup;
pascal@16053 28 + goto fail;
pascal@16053 29 }
pascal@16053 30
pascal@16053 31 result =
pascal@16053 32 @@ -158,7 +158,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
pascal@16053 33 if (result < 0)
pascal@16053 34 {
pascal@16053 35 gnutls_assert ();
pascal@16053 36 - goto cleanup;
pascal@16053 37 + goto fail;
pascal@16053 38 }
pascal@16053 39
pascal@16053 40 result =
pascal@16053 41 @@ -166,7 +166,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
pascal@16053 42 if (result < 0)
pascal@16053 43 {
pascal@16053 44 gnutls_assert ();
pascal@16053 45 - goto cleanup;
pascal@16053 46 + goto fail;
pascal@16053 47 }
pascal@16053 48
pascal@16053 49 /* If the subject certificate is the same as the issuer
pascal@16053 50 @@ -206,6 +206,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
pascal@16053 51 else
pascal@16053 52 gnutls_assert ();
pascal@16053 53
pascal@16053 54 +fail:
pascal@16053 55 result = 0;
pascal@16053 56
pascal@16053 57 cleanup:
pascal@16053 58 @@ -330,7 +331,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
pascal@16053 59 gnutls_datum_t cert_signed_data = { NULL, 0 };
pascal@16053 60 gnutls_datum_t cert_signature = { NULL, 0 };
pascal@16053 61 gnutls_x509_crt_t issuer = NULL;
pascal@16053 62 - int issuer_version, result;
pascal@16053 63 + int issuer_version, result = 0;
pascal@16053 64
pascal@16053 65 if (output)
pascal@16053 66 *output = 0;
pascal@16053 67 @@ -363,7 +364,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
pascal@16053 68 if (issuer_version < 0)
pascal@16053 69 {
pascal@16053 70 gnutls_assert ();
pascal@16053 71 - return issuer_version;
pascal@16053 72 + return 0;
pascal@16053 73 }
pascal@16053 74
pascal@16053 75 if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) &&
pascal@16053 76 @@ -385,6 +386,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
pascal@16053 77 if (result < 0)
pascal@16053 78 {
pascal@16053 79 gnutls_assert ();
pascal@16053 80 + result = 0;
pascal@16053 81 goto cleanup;
pascal@16053 82 }
pascal@16053 83
pascal@16053 84 @@ -393,6 +395,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
pascal@16053 85 if (result < 0)
pascal@16053 86 {
pascal@16053 87 gnutls_assert ();
pascal@16053 88 + result = 0;
pascal@16053 89 goto cleanup;
pascal@16053 90 }
pascal@16053 91
pascal@16053 92 @@ -410,6 +413,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
pascal@16053 93 else if (result < 0)
pascal@16053 94 {
pascal@16053 95 gnutls_assert();
pascal@16053 96 + result = 0;
pascal@16053 97 goto cleanup;
pascal@16053 98 }
pascal@16053 99
pascal@16053 100 --
pascal@16053 101 1.7.1
pascal@16053 102