Welcome to the club. I also sent in for a patch for this one, and then Stephen Henson told me that it had been fixed. It in CVS but not in any of the official releases.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Zoltan Glozik Sent: Monday, 23 September 2002 5:47 PM To: [EMAIL PROTECTED] Subject: [PATCH] Bug in the OBJ_txt2obj method. Hi, The OBJ_txt2obj does not call d2i_ASN1_OBJECT with the correct length parameter, so that method always fails in openssl-0.9.6g (This used to work in previous releases because the length checking was commented out in d2i_ASN1_OBJECT). Please see the patch below. Regards, Zoltan Index: crypto/objects/obj_dat.c =================================================================== RCS file: /var/cvs/openssl/crypto/objects/obj_dat.c,v retrieving revision 1.1.1.3 retrieving revision 1.1.1.3.2.1 diff -u -r1.1.1.3 -r1.1.1.3.2.1 --- crypto/objects/obj_dat.c 2002/09/15 09:55:03 1.1.1.3 +++ crypto/objects/obj_dat.c 2002/09/22 18:55:39 1.1.1.3.2.1 @@ -417,7 +417,7 @@ a2d_ASN1_OBJECT(p,i,s,-1); p=buf; - op=d2i_ASN1_OBJECT(NULL,&p,i); + op=d2i_ASN1_OBJECT(NULL,&p,j); OPENSSL_free(buf); return op; } ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
