diff -aur c42/hmac.h cvs/src/hmac.h
--- c42/hmac.h	2001-11-06 04:52:16.000000000 -0500
+++ cvs/src/hmac.h	2002-04-23 17:05:02.000000000 -0400
@@ -72,10 +72,11 @@
 template <class T>
 void HMAC<T>::TruncatedFinal(byte *mac, unsigned int size)
 {
-	hash.Final(mac);
+	SecByteBlock innerHash(DIGESTSIZE);
+	hash.Final(innerHash);
 
 	hash.Update(k_opad, T::BLOCKSIZE);
-	hash.Update(mac, DIGESTSIZE);
+	hash.Update(innerHash, DIGESTSIZE);
 	hash.TruncatedFinal(mac, size);
 	Init();
 }
diff -aur c42/pubkey.cpp cvs/src/pubkey.cpp
--- c42/pubkey.cpp	2001-11-06 04:52:18.000000000 -0500
+++ cvs/src/pubkey.cpp	2002-06-20 17:57:44.000000000 -0400
@@ -21,18 +21,18 @@
 unsigned int DecryptorTemplate<P,F>::Decrypt(const byte *cipherText, byte *plainText)
 {
 	SecByteBlock paddedBlock(PaddedBlockByteLength());
-	f.CalculateInverse(Integer(cipherText, CipherTextLength())).Encode(paddedBlock, paddedBlock.size);
+	f.CalculateInverse(Integer(cipherText, this->CipherTextLength())).Encode(paddedBlock, paddedBlock.size);
 	return pad.Unpad(paddedBlock, PaddedBlockBitLength(), plainText);
 }
 
 template <class P, class F>
 void EncryptorTemplate<P,F>::Encrypt(RandomNumberGenerator &rng, const byte *plainText, unsigned int plainTextLength, byte *cipherText)
 {
-	assert(plainTextLength <= MaxPlainTextLength());
+	assert(plainTextLength <= this->MaxPlainTextLength());
 
 	SecByteBlock paddedBlock(PaddedBlockByteLength());
 	pad.Pad(rng, plainText, plainTextLength, paddedBlock, PaddedBlockBitLength());
-	f.ApplyFunction(Integer(paddedBlock, paddedBlock.size)).Encode(cipherText, CipherTextLength());
+	f.ApplyFunction(Integer(paddedBlock, paddedBlock.size)).Encode(cipherText, this->CipherTextLength());
 }
 
 template <class P, class F>
diff -aur c42/pubkey.h cvs/src/pubkey.h
--- c42/pubkey.h	2001-11-06 04:52:18.000000000 -0500
+++ cvs/src/pubkey.h	2002-06-20 17:57:44.000000000 -0400
@@ -335,7 +335,7 @@
 		throw KeyTooShort();
 	SecByteBlock representative(PaddedBlockByteLength());
 	ma->Encode(rng, representative);
-	f.CalculateInverse(Integer(representative, representative.size)).Encode(signature, SignatureLength());
+	f.CalculateInverse(Integer(representative, representative.size)).Encode(signature, this->SignatureLength());
 }
 
 template <class F, class H>
@@ -343,7 +343,7 @@
 {
 	std::auto_ptr<H> ma(static_cast<H*>(messageAccumulator));
 	SecByteBlock representative(PaddedBlockByteLength());
-	f.ApplyFunction(Integer(signature, SignatureLength())).Encode(representative, representative.size);
+	f.ApplyFunction(Integer(signature, this->SignatureLength())).Encode(representative, representative.size);
 	return ma->Verify(representative);
 }
 
@@ -351,7 +351,7 @@
 HashModule * VerifierWithRecoveryTemplate<F,H>::NewLeftoverMessageAccumulator(const byte *signature) const
 {
 	SecByteBlock representative(PaddedBlockByteLength());
-	f.ApplyFunction(Integer(signature, SignatureLength())).Encode(representative, representative.size);
+	f.ApplyFunction(Integer(signature, this->SignatureLength())).Encode(representative, representative.size);
 	return new H(representative, PaddedBlockBitLength());
 }
 
diff -aur c42/rijndael.cpp cvs/src/rijndael.cpp
--- c42/rijndael.cpp	2001-11-06 04:52:18.000000000 -0500
+++ cvs/src/rijndael.cpp	2002-01-07 14:59:52.000000000 -0500
@@ -46,7 +46,7 @@
 	switch(keylen)
 	{
 	case 16:
-		for (;;)
+		while (true)
 		{
 			temp  = rk[3];
 			rk[4] = rk[0] ^
@@ -64,7 +64,8 @@
 		}
 
 	case 24:
-		for (;;) {
+		while (true)
+		{
 			temp = rk[ 5];
 			rk[ 6] = rk[ 0] ^
 				(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
@@ -83,7 +84,8 @@
 		}
 
 	case 32:
-        for (;;) {
+		while (true)
+		{
         	temp = rk[ 7];
         	rk[ 8] = rk[ 0] ^
         		(Te4[(temp >> 16) & 0xff] & 0xff000000) ^
diff -aur c42/rsa.cpp cvs/src/rsa.cpp
--- c42/rsa.cpp	2001-11-06 04:52:18.000000000 -0500
+++ cvs/src/rsa.cpp	2002-09-19 19:23:28.000000000 -0400
@@ -29,7 +29,8 @@
 	{
 		BERSequenceDecoder algorithm(subjectPublicKeyInfo);
 			ASN1::rsaEncryption().BERDecodeAndCheck(algorithm);
-			BERDecodeNull(algorithm);
+			if (!algorithm.EndReached())
+				BERDecodeNull(algorithm);
 		algorithm.MessageEnd();
 
 		BERSequenceDecoder subjectPublicKey(subjectPublicKeyInfo, BIT_STRING);
diff -aur c42/zinflate.cpp cvs/src/zinflate.cpp
--- c42/zinflate.cpp	2001-11-06 04:52:18.000000000 -0500
+++ cvs/src/zinflate.cpp	2002-04-10 11:41:04.000000000 -0400
@@ -1,5 +1,10 @@
 // zinflate.cpp - written and placed in the public domain by Wei Dai
 
+// This is a complete reimplementation of the DEFLATE decompression algorithm.
+// It should not be affected by any security vulnerabilities in the zlib 
+// compression library. In particular it is not affected by the double free bug
+// (http://www.kb.cert.org/vuls/id/368819).
+
 #include "pch.h"
 #include "zinflate.h"
 
@@ -244,9 +249,6 @@
 {
 	while (true)
 	{
-		if (m_inQueue.IsEmpty())
-			return;
-
 		switch (m_state)
 		{
 		case PRE_STREAM:
@@ -278,6 +280,8 @@
 			ProcessPoststreamTail();
 			m_state = m_repeat ? PRE_STREAM : AFTER_END;
 			Filter::MessageEnd(GetAutoSignalPropagation());
+			if (m_inQueue.IsEmpty())
+				return;
 			break;
 		case AFTER_END:
 			m_inQueue.TransferTo(*AttachedTransformation());
diff -aur c42/zlib.cpp cvs/src/zlib.cpp
--- c42/zlib.cpp	2001-11-06 04:52:18.000000000 -0500
+++ cvs/src/zlib.cpp	2002-04-10 11:43:18.000000000 -0400
@@ -1,5 +1,10 @@
 // zlib.cpp - written and placed in the public domain by Wei Dai
 
+// "zlib" is the name of a well known C language compression library
+// (http://www.zlib.org) and also the name of a compression format
+// (RFC 1950) that the library implements. This file is part of a
+// complete reimplementation of the zlib compression format.
+
 #include "pch.h"
 #include "zlib.h"
 #include "zdeflate.h"

