This file is part of MXE. See index.html for further information. Security fix for CVE-2015-1182 from: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 diff --git a/library/asn1parse.c b/library/asn1parse.c index a3a2b56..e2117bf 100644 --- a/library/asn1parse.c +++ b/library/asn1parse.c @@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char **p, if( cur->next == NULL ) return( POLARSSL_ERR_ASN1_MALLOC_FAILED ); + memset( cur->next, 0, sizeof( asn1_sequence ) ); + cur = cur->next; } }