Ticket #46596: openssl-1.0.1k.patch

File openssl-1.0.1k.patch, 662 bytes (added by mouse07410 (Mouse), 9 years ago)

Patch that provides a reasonably secure workaround for this problem

  • crypto/asn1/a_type.c

    old new  
    117117        {
    118118        int result = -1;
    119119
    120         if (!a || !b || a->type != b->type) return -1;
     120        if (!a || !b) {
     121          if (!a && !b) /* both types are empty (null) */
     122            return 0;
     123          /* one is null, the other is maybe ASN.1 NULL (explicit) */
     124          if (a && !b) {
     125            if (a->type == V_ASN1_NULL)
     126              return 0;
     127          }
     128          if (b && !a) {
     129            if (b->type == V_ASN1_NULL)
     130              return 0;
     131          }
     132          return -1; /* the non-null (present) type isn't ASN.1 NULL */
     133        }
     134
     135        if (a->type != b->type) return -1;
    121136
    122137        switch (a->type)
    123138                {