# Reference: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021
# Description: incorrect checks for malformed signatures
5
diff -Nur ntp-4.2.4p4+dfsg/ntpd/ntp_crypto.c ntp-4.2.4p4+dfsg.new/ntpd/ntp_crypto.c
6
--- ntp-4.2.4p4+dfsg/ntpd/ntp_crypto.c 2006-12-28 06:03:28.000000000 -0600
7
+++ ntp-4.2.4p4+dfsg.new/ntpd/ntp_crypto.c 2009-01-06 01:19:49.000000000 -0600
10
EVP_VerifyInit(&ctx, peer->digest);
11
EVP_VerifyUpdate(&ctx, (u_char *)&ep->tstamp, vallen + 12);
12
- if (!EVP_VerifyFinal(&ctx, (u_char *)&ep->pkt[i], siglen, pkey))
13
+ if (EVP_VerifyFinal(&ctx, (u_char *)&ep->pkt[i], siglen, pkey) <= 0)
16
if (peer->crypto & CRYPTO_FLAG_VRFY) {
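Review bot: The new `<= 0` test on EVP_VerifyFinal carries no comment saying why it is not a plain truth test, so a later cleanup could quietly restore the `!` form; the function returns 1 for a valid signature, 0 for an invalid one and a negative value on error, and the old check let the error case through as a pass. I would add above the `if`: `/* EVP_VerifyFinal: 1 = valid, 0 = bad signature, <0 = error; only 1 may pass */`. The return values of EVP_VerifyInit and EVP_VerifyUpdate on the two preceding lines are still ignored, which is worth confirming as intentional. The enclosing function and the statement guarded by the `if` lie outside the visible hunk, and any other EVP_VerifyFinal callers in the tree are not shown here and would need the same comparison.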