Commit e39c45d3 authored by jow's avatar jow
Browse files

polarssl: patch CVE-2015-1182


Signed-off-by: default avatarJo-Philipp Wich <jow@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@44060 3c298f89-4303-0410-b956-a3cf2f4a3e73
parent cb217e0e
#
# Copyright (C) 2011-2013 OpenWrt.org
# Copyright (C) 2011-2015 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
......@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=polarssl
PKG_VERSION:=1.3.9
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
......
--- a/library/asn1parse.c
+++ b/library/asn1parse.c
@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char
if( cur->next == NULL )
return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
+ memset( cur->next, 0, sizeof( asn1_sequence ) );
+
cur = cur->next;
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment