[PATCH 1 of 3] (issue182) Document applying the patch for CVE-2015-1182
Wald Commits
scm-commit at wald.intevation.org
Tue Jan 27 15:19:11 CET 2015
# HG changeset patch
# User Andre Heinecke <andre.heinecke at intevation.de>
# Date 1422368119 -3600
# Node ID e18fccc081f157f46c38ce7ffaac680a38763556
# Parent 9283376283aa956827034c76f40e255a4af89387
(issue182) Document applying the patch for CVE-2015-1182
diff -r 9283376283aa -r e18fccc081f1 INSTALL
--- a/INSTALL Tue Jan 27 14:09:45 2015 +0100
+++ b/INSTALL Tue Jan 27 15:15:19 2015 +0100
@@ -79,6 +79,22 @@
set(CMAKE_C_FLAGS_DEBUG "-g3 -O0")
set(CMAKE_C_FLAGS_COVERAGE "-g3 -O0 --coverage")
EOF
+ # Patch for CVE 2015-1182
+ patch -p1 << EOF
+diff --git a/library/asn1parse.c b/library/asn1parse.c
+index a3a2b56..e2117bf 100644
+--- a/library/asn1parse.c
++++ b/library/asn1parse.c
+@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char **p,
+ if( cur->next == NULL )
+ return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
+
++ memset( cur->next, 0, sizeof( asn1_sequence ) );
++
+ cur = cur->next;
+ }
+ }
+EOF
mkdir build
cd build
More information about the Trustbridge-commits
mailing list