6a3418284a
- Add upstream patches fixing coverity scan issues: * 0018-fix-coverity-issues-966593-966596.patch * 0020-Initialize-num-properly.patch * 0022-bignum-allow-concurrent-BN_MONT_CTX_set_locked.patch * 0023-evp-prevent-underflow-in-base64-decoding.patch * 0024-Fixed-NULL-pointer-dereference-in-PKCS7_dataDecode-r.patch * 0025-fix-coverity-issue-966597-error-line-is-not-always-i.patch - Update 0001-libcrypto-Hide-library-private-symbols.patch to cover more private symbols, now 98% complete and probably not much more can be done to fix the rest of the ill-defined API. - openssl-fips-hidden.patch new, hides private symbols added by the FIPS patches. - openssl-no-egd.patch disable the EGD (entropy gathering daemon) interface, we have no EGD in the distro and obtaining entropy from a place other than /dev/*random, the hardware rng or the openSSL internal PRNG is an extremely bad & dangerous idea. - use secure_getenv instead of getenv everywhere. (forwarded request 233217 from elvigia) OBS-URL: https://build.opensuse.org/request/show/233553 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=117
28 lines
721 B
Diff
28 lines
721 B
Diff
From a41d5174e27c99d1caefd76a8e927c814ede509e Mon Sep 17 00:00:00 2001
|
|
From: "Dr. Stephen Henson" <steve@openssl.org>
|
|
Date: Tue, 6 May 2014 14:07:37 +0100
|
|
Subject: [PATCH 20/23] Initialize num properly.
|
|
|
|
PR#3289
|
|
PR#3345
|
|
(cherry picked from commit 3ba1e406c2309adb427ced9815ebf05f5b58d155)
|
|
---
|
|
crypto/evp/bio_b64.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
|
|
index ac6d441..16863fe 100644
|
|
--- a/crypto/evp/bio_b64.c
|
|
+++ b/crypto/evp/bio_b64.c
|
|
@@ -226,6 +226,7 @@ static int b64_read(BIO *b, char *out, int outl)
|
|
else if (ctx->start)
|
|
{
|
|
q=p=(unsigned char *)ctx->tmp;
|
|
+ num = 0;
|
|
for (j=0; j<i; j++)
|
|
{
|
|
if (*(q++) != '\n') continue;
|
|
--
|
|
1.8.4.5
|
|
|