Update from stable branch.
authorDr. Stephen Henson <steve@openssl.org>
Wed, 25 Mar 2009 12:53:26 +0000 (12:53 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 25 Mar 2009 12:53:26 +0000 (12:53 +0000)
CHANGES
crypto/asn1/asn1.h

diff --git a/CHANGES b/CHANGES
index 565645a..024b05d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
 
  Changes between 0.9.8j and 0.9.8k  [xx XXX xxxx]
 
+  *) Reject UniversalString and BMPString types with invalid lengths. This
+     prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
+     a legal length. (CVE-2009-0590)
+     [Steve Henson]
+
   *) Set S/MIME signing as the default purpose rather than setting it 
      unconditionally. This allows applications to override it at the store
      level.
index 2c0e05b..6129d0a 100644 (file)
@@ -1278,6 +1278,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_BAD_OBJECT_HEADER                        102
 #define ASN1_R_BAD_PASSWORD_READ                        103
 #define ASN1_R_BAD_TAG                                  104
+#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                210
 #define ASN1_R_BN_LIB                                   105
 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  106
 #define ASN1_R_BUFFER_TOO_SMALL                                 107
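Review bot: The two new reason codes, `ASN1_R_BMPSTRING_IS_WRONG_LENGTH` (210) in this hunk and `ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH` (211) in the next, are only declared by this commit as shown. The file list names just CHANGES and crypto/asn1/asn1.h, so neither the length check that raises them nor their entries in the reason-string table loaded by `ERR_load_ASN1_strings()` is visible here. Because the CHANGES entry states that the rejection is already in effect, it is worth confirming that the decoder on this branch refuses a BMPString whose length is not a multiple of 2 and a UniversalString whose length is not a multiple of 4 before `ASN1_STRING_print_ex()` can be handed one. If those parts landed in a separate commit, referencing it in the message would make the CVE-2009-0590 fix traceable, since "Update from stable branch." gives no pointer.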
@@ -1369,6 +1370,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                         157
 #define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY                 158
 #define ASN1_R_UNEXPECTED_EOC                           159
+#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH          211
 #define ASN1_R_UNKNOWN_FORMAT                           160
 #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM                 161
 #define ASN1_R_UNKNOWN_OBJECT_TYPE                      162