Merge "Fix double-free in DSA code (CVE-2016-0705)"
diff --git a/lib/openssl/crypto/asn1/a_int.c b/lib/openssl/crypto/asn1/a_int.c
index 3348b87..3f38b28 100644
--- a/lib/openssl/crypto/asn1/a_int.c
+++ b/lib/openssl/crypto/asn1/a_int.c
@@ -124,6 +124,8 @@
{
ret=a->length;
i=a->data[0];
+ if (ret == 1 && i == 0)
+ neg = 0;
if (!neg && (i > 127)) {
pad=1;
pb=0;
@@ -157,7 +159,7 @@
p += a->length - 1;
i = a->length;
/* Copy zeros to destination as long as source is zero */
- while(!*n) {
+ while(!*n && i > 1) {
*(p--) = 0;
n--;
i--;