changeset 1400:e18fccc081f1

(issue182) Document applying the patch for CVE-2015-1182
author Andre Heinecke <andre.heinecke@intevation.de>
date Tue, 27 Jan 2015 15:15:19 +0100
parents 9283376283aa
children ee807f64e21e
files INSTALL
diffstat 1 files changed, 16 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/INSTALL	Tue Jan 27 14:09:45 2015 +0100
+++ b/INSTALL	Tue Jan 27 15:15:19 2015 +0100
@@ -79,6 +79,22 @@
    set(CMAKE_C_FLAGS_DEBUG "-g3 -O0")
    set(CMAKE_C_FLAGS_COVERAGE "-g3 -O0 --coverage")
 EOF
+    # Patch for CVE 2015-1182
+    patch -p1 << EOF
+diff --git a/library/asn1parse.c b/library/asn1parse.c
+index a3a2b56..e2117bf 100644
+--- a/library/asn1parse.c
++++ b/library/asn1parse.c
+@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char **p,
+             if( cur->next == NULL )
+                 return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
+
++            memset( cur->next, 0, sizeof( asn1_sequence ) );
++
+             cur = cur->next;
+         }
+     }
+EOF
 
     mkdir build
     cd build

http://wald.intevation.org/projects/trustbridge/