Merge pull request #142232 from jbellerb/libressl
This commit is contained in:
commit
7053541084
2 changed files with 7 additions and 63 deletions
|
@ -1,53 +0,0 @@
|
|||
Based on upstream https://github.com/openbsd/src/commit/62ceddea5b1d64a1a362bbb7071d9e15adcde6b1
|
||||
with paths switched to apply to libressl-portable and CVS header
|
||||
hunk removed.
|
||||
|
||||
--- a/crypto/x509/x509_constraints.c
|
||||
+++ b/crypto/x509/x509_constraints.c
|
||||
@@ -339,16 +339,16 @@
|
||||
if (c == '.')
|
||||
goto bad;
|
||||
}
|
||||
- if (wi > DOMAIN_PART_MAX_LEN)
|
||||
- goto bad;
|
||||
if (accept) {
|
||||
+ if (wi >= DOMAIN_PART_MAX_LEN)
|
||||
+ goto bad;
|
||||
working[wi++] = c;
|
||||
accept = 0;
|
||||
continue;
|
||||
}
|
||||
if (candidate_local != NULL) {
|
||||
/* We are looking for the domain part */
|
||||
- if (wi > DOMAIN_PART_MAX_LEN)
|
||||
+ if (wi >= DOMAIN_PART_MAX_LEN)
|
||||
goto bad;
|
||||
working[wi++] = c;
|
||||
if (i == len - 1) {
|
||||
@@ -363,7 +363,7 @@
|
||||
continue;
|
||||
}
|
||||
/* We are looking for the local part */
|
||||
- if (wi > LOCAL_PART_MAX_LEN)
|
||||
+ if (wi >= LOCAL_PART_MAX_LEN)
|
||||
break;
|
||||
|
||||
if (quoted) {
|
||||
@@ -383,6 +383,8 @@
|
||||
*/
|
||||
if (c == 9)
|
||||
goto bad;
|
||||
+ if (wi >= LOCAL_PART_MAX_LEN)
|
||||
+ goto bad;
|
||||
working[wi++] = c;
|
||||
continue; /* all's good inside our quoted string */
|
||||
}
|
||||
@@ -412,6 +414,8 @@
|
||||
}
|
||||
if (!local_part_ok(c))
|
||||
goto bad;
|
||||
+ if (wi >= LOCAL_PART_MAX_LEN)
|
||||
+ goto bad;
|
||||
working[wi++] = c;
|
||||
}
|
||||
if (candidate_local == NULL || candidate_domain == NULL)
|
|
@ -40,6 +40,9 @@ let
|
|||
# removing ./configure pre-config.
|
||||
preConfigure = ''
|
||||
rm configure
|
||||
substituteInPlace CMakeLists.txt \
|
||||
--replace 'exec_prefix \''${prefix}' "exec_prefix ${placeholder "bin"}" \
|
||||
--replace 'libdir \''${exec_prefix}' 'libdir \''${prefix}'
|
||||
'';
|
||||
|
||||
inherit patches;
|
||||
|
@ -81,17 +84,11 @@ let
|
|||
|
||||
in {
|
||||
libressl_3_2 = generic {
|
||||
version = "3.2.5";
|
||||
sha256 = "1zkwrs3b19s1ybz4q9hrb7pqsbsi8vxcs44qanfy11fkc7ynb2kr";
|
||||
patches = [
|
||||
./CVE-2021-41581.patch
|
||||
];
|
||||
version = "3.2.7";
|
||||
sha256 = "112bjfrwwqlk0lak7fmfhcls18ydf62cp7gxghf4gklpfl1zyckw";
|
||||
};
|
||||
libressl_3_4 = generic {
|
||||
version = "3.4.0";
|
||||
sha256 = "1lhn76nd59p1dfd27b4636zj6wh3f5xsi8b3sxqnl820imsswbp5";
|
||||
patches = [
|
||||
./CVE-2021-41581.patch
|
||||
];
|
||||
version = "3.4.1";
|
||||
sha256 = "0766yxb599lx7qmlmsddiw9wgminz9mc311mav5q23l0rbkflz0h";
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue