openssl/openssl-1.0.0d-CVE-2011-3207.diff


http://cvs.openssl.org/chngview?cn=21349

--- crypto/x509/x509_vfy.c	2010-11-02 15:57:40.000000000 +0000
+++ crypto/x509/x509_vfy.c.oden	2011-09-23 06:35:37.000000000 +0000
@@ -703,6 +703,7 @@ static int check_cert(X509_STORE_CTX *ct
 	x = sk_X509_value(ctx->chain, cnum);
 	ctx->current_cert = x;
 	ctx->current_issuer = NULL;
+	ctx->current_crl_score = 0;
 	ctx->current_reasons = 0;
 	while (ctx->current_reasons != CRLDP_ALL_REASONS)
 		{
@@ -2015,6 +2016,9 @@ int X509_STORE_CTX_init(X509_STORE_CTX *
 	ctx->error_depth=0;
 	ctx->current_cert=NULL;
 	ctx->current_issuer=NULL;
+	ctx->current_crl=NULL;
+	ctx->current_crl_score=0;
+	ctx->current_reasons=0;
 	ctx->tree = NULL;
 	ctx->parent = NULL;
Automatic import for version 1.0.0d-2.6 2012-08-07 10:27:41 +00:00
			`http://cvs.openssl.org/chngview?cn=21349`

			`--- crypto/x509/x509_vfy.c 2010-11-02 15:57:40.000000000 +0000`
			`+++ crypto/x509/x509_vfy.c.oden 2011-09-23 06:35:37.000000000 +0000`
			`@@ -703,6 +703,7 @@ static int check_cert(X509_STORE_CTX *ct`
			`x = sk_X509_value(ctx->chain, cnum);`
			`ctx->current_cert = x;`
			`ctx->current_issuer = NULL;`
			`+ ctx->current_crl_score = 0;`
			`ctx->current_reasons = 0;`
			`while (ctx->current_reasons != CRLDP_ALL_REASONS)`
			`{`
			`@@ -2015,6 +2016,9 @@ int X509_STORE_CTX_init(X509_STORE_CTX *`
			`ctx->error_depth=0;`
			`ctx->current_cert=NULL;`
			`ctx->current_issuer=NULL;`
			`+ ctx->current_crl=NULL;`
			`+ ctx->current_crl_score=0;`
			`+ ctx->current_reasons=0;`
			`ctx->tree = NULL;`
			`ctx->parent = NULL;`