summaryrefslogtreecommitdiffstats
path: root/opensuse/core/tdelibs.old/kdelibs-3.5.10-CVE-2009-2702.patch
diff options
context:
space:
mode:
Diffstat (limited to 'opensuse/core/tdelibs.old/kdelibs-3.5.10-CVE-2009-2702.patch')
-rw-r--r--opensuse/core/tdelibs.old/kdelibs-3.5.10-CVE-2009-2702.patch62
1 files changed, 62 insertions, 0 deletions
diff --git a/opensuse/core/tdelibs.old/kdelibs-3.5.10-CVE-2009-2702.patch b/opensuse/core/tdelibs.old/kdelibs-3.5.10-CVE-2009-2702.patch
new file mode 100644
index 000000000..e6f06a779
--- /dev/null
+++ b/opensuse/core/tdelibs.old/kdelibs-3.5.10-CVE-2009-2702.patch
@@ -0,0 +1,62 @@
+diff -pruN kdelibs-3.5.4.orig/kio/kssl/kopenssl.cc kdelibs-3.5.4/kio/kssl/kopenssl.cc
+--- kdelibs-3.5.4.orig/kio/kssl/kopenssl.cc 2009-08-31 20:50:12.000000000 +0200
++++ kdelibs-3.5.4/kio/kssl/kopenssl.cc 2009-08-31 21:46:47.000000000 +0200
+@@ -196,6 +196,7 @@ static int (*K_X509_NAME_add_entry_by_tx
+ static X509_NAME *(*K_X509_NAME_new)() = 0L;
+ static int (*K_X509_REQ_set_subject_name)(X509_REQ*,X509_NAME*) = 0L;
+ static unsigned char *(*K_ASN1_STRING_data)(ASN1_STRING*) = 0L;
++static int (*K_ASN1_STRING_length)(ASN1_STRING*) = 0L;
+ static STACK_OF(SSL_CIPHER) *(*K_SSL_get_ciphers)(const SSL *ssl) = 0L;
+
+ #endif
+@@ -498,6 +499,7 @@ KConfig *cfg;
+ K_X509_NAME_new = (X509_NAME *(*)()) _cryptoLib->symbol("X509_NAME_new");
+ K_X509_REQ_set_subject_name = (int (*)(X509_REQ*,X509_NAME*)) _cryptoLib->symbol("X509_REQ_set_subject_name");
+ K_ASN1_STRING_data = (unsigned char *(*)(ASN1_STRING*)) _cryptoLib->symbol("ASN1_STRING_data");
++ K_ASN1_STRING_length = (int (*)(ASN1_STRING*)) _cryptoLib->symbol("ASN1_STRING_length");
+ #endif
+ }
+
+@@ -1549,6 +1551,13 @@ unsigned char *KOpenSSLProxy::ASN1_STRIN
+ return 0L;
+ }
+
++
++int KOpenSSLProxy::ASN1_STRING_length(ASN1_STRING *x) {
++ if (K_ASN1_STRING_length) return (K_ASN1_STRING_length)(x);
++ return 0L;
++}
++
++
+ STACK_OF(SSL_CIPHER) *KOpenSSLProxy::SSL_get_ciphers(const SSL* ssl) {
+ if (K_SSL_get_ciphers) return (K_SSL_get_ciphers)(ssl);
+ return 0L;
+diff -pruN kdelibs-3.5.4.orig/kio/kssl/kopenssl.h kdelibs-3.5.4/kio/kssl/kopenssl.h
+--- kdelibs-3.5.4.orig/kio/kssl/kopenssl.h 2006-07-22 10:16:39.000000000 +0200
++++ kdelibs-3.5.4/kio/kssl/kopenssl.h 2009-08-31 21:46:47.000000000 +0200
+@@ -622,6 +622,11 @@ public:
+ unsigned char *ASN1_STRING_data(ASN1_STRING *x);
+
+ /*
++ * ASN1_STRING_length
++ */
++ int ASN1_STRING_length(ASN1_STRING *x);
++
++ /*
+ *
+ */
+ int OBJ_obj2nid(ASN1_OBJECT *o);
+diff -pruN kdelibs-3.5.4.orig/kio/kssl/ksslcertificate.cc kdelibs-3.5.4/kio/kssl/ksslcertificate.cc
+--- kdelibs-3.5.4.orig/kio/kssl/ksslcertificate.cc 2006-01-19 18:06:12.000000000 +0100
++++ kdelibs-3.5.4/kio/kssl/ksslcertificate.cc 2009-08-31 21:54:38.000000000 +0200
+@@ -1099,7 +1099,9 @@ QStringList KSSLCertificate::subjAltName
+ }
+
+ QString s = (const char *)d->kossl->ASN1_STRING_data(val->d.ia5);
+- if (!s.isEmpty()) {
++ if (!s.isEmpty() &&
++ /* skip subjectAltNames with embedded NULs */
++ s.length() == d->kossl->ASN1_STRING_length(val->d.ia5)) {
+ rc += s;
+ }
+ }