wok-next view gnutls/stuff/CVE-2014-0092.u @ rev 17172

Up firefox-official (32.0.3) CVE-2014-1568
author Pascal Bellard <pascal.bellard@slitaz.org>
date Thu Sep 25 15:28:17 2014 +0200 (2014-09-25)
parents
children
line source
1 From 6aa26f78150ccbdf0aec1878a41c17c41d358a3b Mon Sep 17 00:00:00 2001
2 From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3 Date: Thu, 27 Feb 2014 19:42:26 +0100
4 Subject: [PATCH] corrected return codes
6 ---
7 lib/x509/verify.c | 16 ++++++++++------
8 1 files changed, 10 insertions(+), 6 deletions(-)
10 diff --git a/lib/x509/verify.c b/lib/x509/verify.c
11 index c9a6b0d..eef85a8 100644
12 --- a/lib/x509/verify.c
13 +++ b/lib/x509/verify.c
14 @@ -141,7 +141,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
15 if (result < 0)
16 {
17 gnutls_assert ();
18 - goto cleanup;
19 + goto fail;
20 }
22 result =
23 @@ -150,7 +150,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
24 if (result < 0)
25 {
26 gnutls_assert ();
27 - goto cleanup;
28 + goto fail;
29 }
31 result =
32 @@ -158,7 +158,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
33 if (result < 0)
34 {
35 gnutls_assert ();
36 - goto cleanup;
37 + goto fail;
38 }
40 result =
41 @@ -166,7 +166,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
42 if (result < 0)
43 {
44 gnutls_assert ();
45 - goto cleanup;
46 + goto fail;
47 }
49 /* If the subject certificate is the same as the issuer
50 @@ -206,6 +206,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer,
51 else
52 gnutls_assert ();
54 +fail:
55 result = 0;
57 cleanup:
58 @@ -330,7 +331,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
59 gnutls_datum_t cert_signed_data = { NULL, 0 };
60 gnutls_datum_t cert_signature = { NULL, 0 };
61 gnutls_x509_crt_t issuer = NULL;
62 - int issuer_version, result;
63 + int issuer_version, result = 0;
65 if (output)
66 *output = 0;
67 @@ -363,7 +364,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
68 if (issuer_version < 0)
69 {
70 gnutls_assert ();
71 - return issuer_version;
72 + return 0;
73 }
75 if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) &&
76 @@ -385,6 +386,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
77 if (result < 0)
78 {
79 gnutls_assert ();
80 + result = 0;
81 goto cleanup;
82 }
84 @@ -393,6 +395,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
85 if (result < 0)
86 {
87 gnutls_assert ();
88 + result = 0;
89 goto cleanup;
90 }
92 @@ -410,6 +413,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert,
93 else if (result < 0)
94 {
95 gnutls_assert();
96 + result = 0;
97 goto cleanup;
98 }
100 --
101 1.7.1