3 files changed, 6 insertions, 2 deletions

diff --git a/UPDATING b/UPDATING
index 798f43892446..47f3555192ef 100644
--- a/UPDATING
+++ b/UPDATING
@@ -18,6 +18,10 @@ minimal number of processes, if possible, for that patch.  For those
 updates that don't have an advisory, or to be safe, you can do a full
 build and install as described in the COMMON ITEMS section.
 
+20020805:	p18
+	Correct a bug in the ASN.1 decoder which was introduced with
+	the recent OpenSSL update.
+
 20020805:	p17	FreeBSD-SA-02:37.kqueue
 	Registering an EVFILT_WRITE event on a pipe whose far end had
 	already been closed would cause a kernel panic.
diff --git a/crypto/openssl/crypto/asn1/asn1_lib.c b/crypto/openssl/crypto/asn1/asn1_lib.c
index 1fe3fbc1fa78..a3681c0e23c7 100644
--- a/crypto/openssl/crypto/asn1/asn1_lib.c
+++ b/crypto/openssl/crypto/asn1/asn1_lib.c
@@ -124,7 +124,7 @@ int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,
 		(int)(omax+ *pp));
 
 #endif
-	if (*plength > (omax - (*pp - p)))
+	if (*plength > (omax - (p - *pp)))
 		{
 		ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
 		/* Set this so that even if things are not long enough
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 23d01ee5e113..617e7c130aef 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -36,7 +36,7 @@
 
 TYPE="FreeBSD"
 REVISION="4.5"
-BRANCH="RELEASE-p17"
+BRANCH="RELEASE-p18"
 RELEASE="${REVISION}-${BRANCH}"
 VERSION="${TYPE} ${RELEASE}"