Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto apply patch supplied with OpenSSL Security Advisory [...
details: https://anonhg.NetBSD.org/src/rev/0e8379002f0b
branches: trunk
changeset: 534599:0e8379002f0b
user: itojun <itojun%NetBSD.org@localhost>
date: Tue Jul 30 12:55:08 2002 +0000
description:
apply patch supplied with OpenSSL Security Advisory [30 July 2002]
advisory 1: four potentially remotely-exploitable vulnerability in
SSL2/SSL3 code
advisory 2: ASN1 parser vulnerability (all SSL/TLS apps affected)
diffstat:
crypto/Makefile.openssl | 3 +-
crypto/dist/openssl/CHANGES | 29 ++++++++++++++++++++++++++++
crypto/dist/openssl/crypto/asn1/asn1_lib.c | 10 +++++---
crypto/dist/openssl/crypto/conf/conf_def.c | 3 +-
crypto/dist/openssl/crypto/cryptlib.c | 8 +++++++
crypto/dist/openssl/crypto/cryptlib.h | 8 +++++++
crypto/dist/openssl/crypto/objects/obj_dat.c | 2 +-
crypto/dist/openssl/ssl/s2_clnt.c | 8 +++++++
crypto/dist/openssl/ssl/s2_lib.c | 6 +++++
crypto/dist/openssl/ssl/s2_srvr.c | 14 +++++++++++++
crypto/dist/openssl/ssl/s3_clnt.c | 10 +++++++++
crypto/dist/openssl/ssl/s3_srvr.c | 2 +
crypto/dist/openssl/ssl/ssl.h | 2 +
crypto/dist/openssl/ssl/ssl_asn1.c | 2 +
crypto/dist/openssl/ssl/ssl_err.c | 4 ++-
crypto/dist/openssl/ssl/ssl_sess.c | 2 +
16 files changed, 105 insertions(+), 8 deletions(-)
diffs (truncated from 474 to 300 lines):
diff -r 41f8f47c9397 -r 0e8379002f0b crypto/Makefile.openssl
--- a/crypto/Makefile.openssl Tue Jul 30 09:45:02 2002 +0000
+++ b/crypto/Makefile.openssl Tue Jul 30 12:55:08 2002 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.openssl,v 1.6 2002/06/09 16:12:52 itojun Exp $
+# $NetBSD: Makefile.openssl,v 1.7 2002/07/30 12:55:08 itojun Exp $
.ifndef _MAKEFILE_OPENSSL_INCLUDED
_MAKEFILE_OPENSSL_INCLUDED=1
@@ -8,5 +8,6 @@
OPENSSLSRC= ${CRYPTODIST}/openssl
CPPFLAGS+= -DOPENSSLDIR=\"/etc/openssl\"
CPPFLAGS+= -DDSO_DLFCN -DHAVE_DLFCN_H
+CPPFLAGS+= -I${CRYPTODIST}/openssl/crypto
.endif
diff -r 41f8f47c9397 -r 0e8379002f0b crypto/dist/openssl/CHANGES
--- a/crypto/dist/openssl/CHANGES Tue Jul 30 09:45:02 2002 +0000
+++ b/crypto/dist/openssl/CHANGES Tue Jul 30 12:55:08 2002 +0000
@@ -2,6 +2,35 @@
OpenSSL CHANGES
_______________
+ Changes in security patch
+
+Changes marked "(CHATS)" were sponsored by the Defense Advanced
+Research Projects Agency (DARPA) and Air Force Research Laboratory,
+Air Force Materiel Command, USAF, under agreement number
+F30602-01-2-0537.
+
+ *) Add various sanity checks to asn1_get_length() to reject
+ the ASN1 length bytes if they exceed sizeof(long), will appear
+ negative or the content length exceeds the length of the
+ supplied buffer. (CAN-2002-0659)
+ [Steve Henson, Adi Stav <stav%mercury.co.il@localhost>, James Yonan <jim%ntlp.com@localhost>]
+
+ *) Assertions for various potential buffer overflows, not known to
+ happen in practice.
+ [Ben Laurie (CHATS)]
+
+ *) Various temporary buffers to hold ASCII versions of integers were
+ too small for 64 bit platforms. (CAN-2002-0655)
+ [Matthew Byng-Maddick <mbm%aldigital.co.uk@localhost> and Ben Laurie (CHATS)>
+
+ *) Remote buffer overflow in SSL3 protocol - an attacker could
+ supply an oversized session ID to a client. (CAN-2002-0656)
+ [Ben Laurie (CHATS)]
+
+ *) Remote buffer overflow in SSL2 protocol - an attacker could
+ supply an oversized client master key. (CAN-2002-0656)
+ [Ben Laurie (CHATS)]
+
Changes between 0.9.6c and 0.9.6d [9 May 2002]
*) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
diff -r 41f8f47c9397 -r 0e8379002f0b crypto/dist/openssl/crypto/asn1/asn1_lib.c
--- a/crypto/dist/openssl/crypto/asn1/asn1_lib.c Tue Jul 30 09:45:02 2002 +0000
+++ b/crypto/dist/openssl/crypto/asn1/asn1_lib.c Tue Jul 30 12:55:08 2002 +0000
@@ -124,15 +124,13 @@
(int)(omax+ *pp));
#endif
-#if 0
- if ((p+ *plength) > (omax+ *pp))
+ if (*plength > (omax - (*pp - p)))
{
ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
/* Set this so that even if things are not long enough
* the values are set correctly */
ret|=0x80;
}
-#endif
*pp=p;
return(ret|inf);
err:
@@ -159,6 +157,8 @@
i= *p&0x7f;
if (*(p++) & 0x80)
{
+ if (i > sizeof(long))
+ return 0;
if (max-- == 0) return(0);
while (i-- > 0)
{
@@ -170,6 +170,8 @@
else
ret=i;
}
+ if (ret < 0)
+ return 0;
*pp=p;
*rl=ret;
return(1);
@@ -407,7 +409,7 @@
void asn1_add_error(unsigned char *address, int offset)
{
- char buf1[16],buf2[16];
+ char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];
sprintf(buf1,"%lu",(unsigned long)address);
sprintf(buf2,"%d",offset);
diff -r 41f8f47c9397 -r 0e8379002f0b crypto/dist/openssl/crypto/conf/conf_def.c
--- a/crypto/dist/openssl/crypto/conf/conf_def.c Tue Jul 30 09:45:02 2002 +0000
+++ b/crypto/dist/openssl/crypto/conf/conf_def.c Tue Jul 30 12:55:08 2002 +0000
@@ -67,6 +67,7 @@
#include "conf_def.h"
#include <openssl/buffer.h>
#include <openssl/err.h>
+#include "cryptlib.h"
static char *eat_ws(CONF *conf, char *p);
static char *eat_alpha_numeric(CONF *conf, char *p);
@@ -180,12 +181,12 @@
static int def_load(CONF *conf, BIO *in, long *line)
{
#define BUFSIZE 512
- char btmp[16];
int bufnum=0,i,ii;
BUF_MEM *buff=NULL;
char *s,*p,*end;
int again,n;
long eline=0;
+ char btmp[DECIMAL_SIZE(eline)+1];
CONF_VALUE *v=NULL,*tv;
CONF_VALUE *sv=NULL;
char *section=NULL,*buf;
diff -r 41f8f47c9397 -r 0e8379002f0b crypto/dist/openssl/crypto/cryptlib.c
--- a/crypto/dist/openssl/crypto/cryptlib.c Tue Jul 30 09:45:02 2002 +0000
+++ b/crypto/dist/openssl/crypto/cryptlib.c Tue Jul 30 12:55:08 2002 +0000
@@ -491,3 +491,11 @@
#endif
#endif
+
+void OpenSSLDie(const char *file,int line,const char *assertion)
+ {
+ fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n",
+ file,line,assertion);
+ abort();
+ }
+
diff -r 41f8f47c9397 -r 0e8379002f0b crypto/dist/openssl/crypto/cryptlib.h
--- a/crypto/dist/openssl/crypto/cryptlib.h Tue Jul 30 09:45:02 2002 +0000
+++ b/crypto/dist/openssl/crypto/cryptlib.h Tue Jul 30 12:55:08 2002 +0000
@@ -89,6 +89,14 @@
#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
+/* size of string represenations */
+#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1)
+#define HEX_SIZE(type) ((sizeof(type)*2)
+
+/* die if we have to */
+void OpenSSLDie(const char *file,int line,const char *assertion);
+#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e))
+
#ifdef __cplusplus
}
#endif
diff -r 41f8f47c9397 -r 0e8379002f0b crypto/dist/openssl/crypto/objects/obj_dat.c
--- a/crypto/dist/openssl/crypto/objects/obj_dat.c Tue Jul 30 09:45:02 2002 +0000
+++ b/crypto/dist/openssl/crypto/objects/obj_dat.c Tue Jul 30 12:55:08 2002 +0000
@@ -428,7 +428,7 @@
unsigned long l;
unsigned char *p;
const char *s;
- char tbuf[32];
+ char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2];
if (buf_len <= 0) return(0);
diff -r 41f8f47c9397 -r 0e8379002f0b crypto/dist/openssl/ssl/s2_clnt.c
--- a/crypto/dist/openssl/ssl/s2_clnt.c Tue Jul 30 09:45:02 2002 +0000
+++ b/crypto/dist/openssl/ssl/s2_clnt.c Tue Jul 30 12:55:08 2002 +0000
@@ -116,6 +116,7 @@
#include <openssl/buffer.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
+#include "cryptlib.h"
static SSL_METHOD *ssl2_get_client_method(int ver);
static int get_server_finished(SSL *s);
@@ -517,6 +518,7 @@
}
s->s2->conn_id_length=s->s2->tmp.conn_id_length;
+ die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
return(1);
}
@@ -618,6 +620,7 @@
/* make key_arg data */
i=EVP_CIPHER_iv_length(c);
sess->key_arg_length=i;
+ die(i <= SSL_MAX_KEY_ARG_LENGTH);
if (i > 0) RAND_pseudo_bytes(sess->key_arg,i);
/* make a master key */
@@ -625,6 +628,7 @@
sess->master_key_length=i;
if (i > 0)
{
+ die(i <= sizeof sess->master_key);
if (RAND_bytes(sess->master_key,i) <= 0)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
@@ -668,6 +672,7 @@
d+=enc;
karg=sess->key_arg_length;
s2n(karg,p); /* key arg size */
+ die(karg <= sizeof sess->key_arg);
memcpy(d,sess->key_arg,(unsigned int)karg);
d+=karg;
@@ -688,6 +693,7 @@
{
p=(unsigned char *)s->init_buf->data;
*(p++)=SSL2_MT_CLIENT_FINISHED;
+ die(s->s2->conn_id_length <= sizeof s->s2->conn_id);
memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
@@ -944,6 +950,8 @@
{
if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
{
+ die(s->session->session_id_length
+ <= sizeof s->session->session_id);
if (memcmp(buf,s->session->session_id,
(unsigned int)s->session->session_id_length) != 0)
{
diff -r 41f8f47c9397 -r 0e8379002f0b crypto/dist/openssl/ssl/s2_lib.c
--- a/crypto/dist/openssl/ssl/s2_lib.c Tue Jul 30 09:45:02 2002 +0000
+++ b/crypto/dist/openssl/ssl/s2_lib.c Tue Jul 30 12:55:08 2002 +0000
@@ -62,6 +62,7 @@
#include <openssl/rsa.h>
#include <openssl/objects.h>
#include <openssl/md5.h>
+#include "cryptlib.h"
static long ssl2_default_timeout(void );
const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
@@ -427,10 +428,14 @@
#endif
km=s->s2->key_material;
+ die(s->s2->key_material_length <= sizeof s->s2->key_material);
for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
{
MD5_Init(&ctx);
+ die(s->session->master_key_length >= 0
+ && s->session->master_key_length
+ < sizeof s->session->master_key);
MD5_Update(&ctx,s->session->master_key,s->session->master_key_length);
MD5_Update(&ctx,&c,1);
c++;
@@ -465,6 +470,7 @@
/* state=s->rwstate;*/
error=s->error;
s->error=0;
+ die(error >= 0 && error <= 3);
i=ssl2_write(s,&(buf[3-error]),error);
/* if (i == error) s->rwstate=state; */
diff -r 41f8f47c9397 -r 0e8379002f0b crypto/dist/openssl/ssl/s2_srvr.c
--- a/crypto/dist/openssl/ssl/s2_srvr.c Tue Jul 30 09:45:02 2002 +0000
+++ b/crypto/dist/openssl/ssl/s2_srvr.c Tue Jul 30 12:55:08 2002 +0000
@@ -116,6 +116,7 @@
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
+#include "cryptlib.h"
static SSL_METHOD *ssl2_get_server_method(int ver);
static int get_client_master_key(SSL *s);
@@ -417,11 +418,18 @@
n2s(p,i); s->s2->tmp.clear=i;
n2s(p,i); s->s2->tmp.enc=i;
n2s(p,i); s->session->key_arg_length=i;
+ if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH)
+ {
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
+ SSL_R_KEY_ARG_TOO_LONG);
+ return -1;
+ }
s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
}
/* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
p=(unsigned char *)s->init_buf->data;
+ die(s->init_buf->length >= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER);
keya=s->session->key_arg_length;
len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya;
if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
@@ -502,6 +510,7 @@
#endif
if (is_export) i+=s->s2->tmp.clear;
Home |
Main Index |
Thread Index |
Old Index