6 files changed, 23 insertions, 33 deletions

diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index e15e341ad8d2e..e16483dea57f3 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -62,6 +62,10 @@
 #include <openssl/objects.h>
 #include <openssl/asn1.h>
 
+#ifndef ASN1_PARSE_MAXDEPTH
+#define ASN1_PARSE_MAXDEPTH 128
+#endif
+
 static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
                            int indent);
 static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
@@ -134,6 +138,12 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
 #else
     dump_indent = 6;            /* Because we know BIO_dump_indent() */
 #endif
+
+    if (depth > ASN1_PARSE_MAXDEPTH) {
+            BIO_puts(bp, "BAD RECURSION DEPTH\n");
+            return 0;
+    }
+
     p = *pp;
     tot = p + length;
     op = p - 1;
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index 6e4a3252d0781..91e7698113370 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -178,6 +178,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
     int otag;
     int ret = 0;
     ASN1_VALUE **pchptr, *ptmpval;
+    int combine = aclass & ASN1_TFLG_COMBINE;
+    aclass &= ~ASN1_TFLG_COMBINE;
     if (!pval)
         return 0;
     if (aux && aux->asn1_cb)
@@ -498,7 +500,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
  auxerr:
     ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
  err:
-    ASN1_item_ex_free(pval, it);
+    if (combine == 0)
+        ASN1_item_ex_free(pval, it);
     if (errtt)
         ERR_add_error_data(4, "Field=", errtt->field_name,
                            ", Type=", it->sname);
@@ -687,7 +690,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
     } else {
         /* Nothing special */
         ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
-                               -1, 0, opt, ctx);
+                               -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
         if (!ret) {
             ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
             goto err;
diff --git a/crypto/des/t/test b/crypto/des/t/test
deleted file mode 100644
index 97acd0552e430..0000000000000
--- a/crypto/des/t/test
+++ /dev/null
@@ -1,27 +0,0 @@
-#!./perl
-
-BEGIN { push(@INC, qw(../../../lib ../../lib ../lib lib)); }
-
-use DES;
-
-$key='00000000';
-$ks=DES::set_key($key);
-@a=split(//,$ks);
-foreach (@a) { printf "%02x-",ord($_); }
-print "\n";
-
-
-$key=DES::random_key();
-print "($_)\n";
-@a=split(//,$key);
-foreach (@a) { printf "%02x-",ord($_); }
-print "\n";
-$str="this is and again into the breach";
-($k1,$k2)=DES::string_to_2keys($str);
-@a=split(//,$k1);
-foreach (@a) { printf "%02x-",ord($_); }
-print "\n";
-@a=split(//,$k2);
-foreach (@a) { printf "%02x-",ord($_); }
-print "\n";
-
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index b80348bba63a4..63b60b4c641c5 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -196,7 +196,7 @@ static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
     DES_cblock *deskey = (DES_cblock *)key;
 # ifdef EVP_CHECK_DES_KEY
     if (DES_set_key_checked(&deskey[0], &data(ctx)->ks1)
-        ! !DES_set_key_checked(&deskey[1], &data(ctx)->ks2))
+        || DES_set_key_checked(&deskey[1], &data(ctx)->ks2))
         return 0;
 # else
     DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1);
diff --git a/crypto/mem_clr.c b/crypto/mem_clr.c
index 3df1f3928d068..1a06636d0ce8d 100644
--- a/crypto/mem_clr.c
+++ b/crypto/mem_clr.c
@@ -66,6 +66,10 @@ void OPENSSL_cleanse(void *ptr, size_t len)
 {
     unsigned char *p = ptr;
     size_t loop = len, ctr = cleanse_ctr;
+
+    if (ptr == NULL)
+        return;
+
     while (loop--) {
         *(p++) = (unsigned char)ctr;
         ctr += (17 + ((size_t)p & 0xF));
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index 058711bf545a0..3c424d52dbb72 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -26,11 +26,11 @@
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x0090820fL
+# define OPENSSL_VERSION_NUMBER  0x0090821fL
 # ifdef OPENSSL_FIPS
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 0.9.8zg-fips 11 Jun 2015"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 0.9.8zh-fips 3 Dec 2015"
 # else
-#  define OPENSSL_VERSION_TEXT    "OpenSSL 0.9.8zg 11 Jun 2015"
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 0.9.8zh 3 Dec 2015"
 # endif
 # define OPENSSL_VERSION_PTEXT   " part of " OPENSSL_VERSION_TEXT