OBS User unknown 2009-01-14 23:38:19 +00:00 committed by Git OBS Bridge
parent f781d52c1f
commit c48a0ba0f9
3 changed files with 98 additions and 2 deletions

81
bnc_465676.patch Normal file

@ -0,0 +1,81 @@
diff -Naur boinc-6.2.18/checkin_notes boinc-6.2.18-mp/checkin_notes
--- boinc-6.2.18/checkin_notes 2008-08-25 16:29:18.000000000 -0400
+++ boinc-6.2.18-mp/checkin_notes 2009-01-14 14:05:04.000000000 -0500
@@ -1,3 +1,13 @@
+David Jan 12 2009
+ - lib: check return values of RSA_*() functions.
+ Also fix a memory leak, missing RSA_free().
+ Fixes #823.
+
+ lib/
+ crypt.cpp
+ error_numbers.h
+ str_util.cpp
+
David Jan 1 2008
- fixed bug in upgrade
diff -Naur boinc-6.2.18/lib/crypt.C boinc-6.2.18-mp/lib/crypt.C
--- boinc-6.2.18/lib/crypt.C 2008-08-25 16:27:59.000000000 -0400
+++ boinc-6.2.18-mp/lib/crypt.C 2009-01-14 14:08:24.000000000 -0500
@@ -210,7 +210,7 @@
// The output block must be decrypted in its entirety.
//
int encrypt_private(R_RSA_PRIVATE_KEY& key, DATA_BLOCK& in, DATA_BLOCK& out) {
- int n, modulus_len;
+ int n, modulus_len, retval;
modulus_len = (key.bits+7)/8;
n = in.len;
@@ -219,17 +219,27 @@
}
RSA* rp = RSA_new();
private_to_openssl(key, rp);
- RSA_private_encrypt(n, in.data, out.data, rp, RSA_PKCS1_PADDING);
+ retval = RSA_private_encrypt(n, in.data, out.data, rp, RSA_PKCS1_PADDING);
+ if (retval < 0) {
+ RSA_free(rp);
+ return ERR_CRYPTO;
+ }
out.len = RSA_size(rp);
RSA_free(rp);
return 0;
}
int decrypt_public(R_RSA_PUBLIC_KEY& key, DATA_BLOCK& in, DATA_BLOCK& out) {
+ int retval;
RSA* rp = RSA_new();
public_to_openssl(key, rp);
- RSA_public_decrypt(in.len, in.data, out.data, rp, RSA_PKCS1_PADDING);
+ retval = RSA_public_decrypt(in.len, in.data, out.data, rp, RSA_PKCS1_PADDING);
+ if (retval < 0) {
+ RSA_free(rp);
+ return ERR_CRYPTO;
+ }
out.len = RSA_size(rp);
+ RSA_free(rp);
return 0;
}
diff -Naur boinc-6.2.18/lib/error_numbers.h boinc-6.2.18-mp/lib/error_numbers.h
--- boinc-6.2.18/lib/error_numbers.h 2008-08-25 16:27:59.000000000 -0400
+++ boinc-6.2.18-mp/lib/error_numbers.h 2009-01-14 14:12:59.000000000 -0500
@@ -187,6 +187,7 @@
#define ERR_CHILD_FAILED -228
#define ERR_SYMLINK -229
#define ERR_DB_CONN_LOST -230
+#define ERR_CRYPTO -231
// PLEASE: add a text description of your error to
// the text description function boincerror() in str_util.C.
diff -Naur boinc-6.2.18/lib/str_util.C boinc-6.2.18-mp/lib/str_util.C
--- boinc-6.2.18/lib/str_util.C 2008-08-25 16:27:59.000000000 -0400
+++ boinc-6.2.18-mp/lib/str_util.C 2009-01-14 14:13:57.000000000 -0500
@@ -735,6 +735,7 @@
case ERR_BAD_FILENAME: return "file name is empty or has '..'";
case ERR_TOO_MANY_EXITS: return "application exited too many times";
case ERR_RMDIR: return "rmdir() failed";
+ case ERR_CRYPTO: return "encryption error";
case 404: return "HTTP file not found";
case 407: return "HTTP proxy authentication failure";
case 416: return "HTTP range request error";
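Review bot: In the lib/crypt.C hunk, `decrypt_public` checks `retval` for failure but then discards it and still sets `out.len = RSA_size(rp);`. RSA_public_decrypt returns the number of bytes it actually recovered, which with RSA_PKCS1_PADDING is smaller than the modulus size, so a caller that trusts `out.len` would read bytes of `out.data` that this call never wrote. I would use `out.len = retval;` there, after confirming that the callers (not visible in this patch) do not depend on the modulus-sized length. Separately, both functions use the result of `RSA_new()` without a NULL check, and whatever `private_to_openssl` / `public_to_openssl` report is not inspected; if those can fail, the failure should map to `ERR_CRYPTO` as well.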


@ -1,3 +1,11 @@
-------------------------------------------------------------------
Wed Jan 14 14:39:47 EST 2009 - mauro@suse.de
- Added bnc_465676.patch to fix bnc#465676.
+ Fixes CVE-2008-5077
+ check return values of RSA_*() functions.
+ fix a memory leak, missing RSA_free().
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Dec 23 20:24:44 CET 2008 - mauro@suse.de Tue Dec 23 20:24:44 CET 2008 - mauro@suse.de


@ -21,7 +21,7 @@
Name: boinc-client Name: boinc-client
Summary: The Berkeley Open Infrastructure for Network Computing (BOINC) Summary: The Berkeley Open Infrastructure for Network Computing (BOINC)
Version: 6.2.18 Version: 6.2.18
Release: 3 Release: 5
Url: http://boinc.berkeley.edu/ Url: http://boinc.berkeley.edu/
Source0: boinc-%{version}.tar.bz2 Source0: boinc-%{version}.tar.bz2
Source1: boinc-icons.tar.bz2 Source1: boinc-icons.tar.bz2
@ -36,6 +36,7 @@ Patch4: boinc-subdirs.patch
Patch5: bnc-431510.patch Patch5: bnc-431510.patch
Patch6: bnc_439037.patch Patch6: bnc_439037.patch
Patch7: bnc_442904.patch Patch7: bnc_442904.patch
Patch8: bnc_465676.patch
License: LGPL v2.1 only License: LGPL v2.1 only
Group: Productivity/Clustering/Computing Group: Productivity/Clustering/Computing
BuildRequires: libcurl-devel >= 7.15.2 python-mysql update-desktop-files BuildRequires: libcurl-devel >= 7.15.2 python-mysql update-desktop-files
@ -155,6 +156,7 @@ mkdir $RPM_BUILD_ROOT
%patch5 -p1 %patch5 -p1
%patch6 -p1 %patch6 -p1
%patch7 -p1 %patch7 -p1
%patch8 -p1
tar -xvjf %{S:1} tar -xvjf %{S:1}
%build %build
@ -241,13 +243,18 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/*a %{_libdir}/*a
%changelog %changelog
* Wed Jan 14 2009 mauro@suse.de
- Added bnc_465676.patch to fix bnc#465676.
+ Fixes CVE-2008-5077
+ check return values of RSA_*() functions.
+ fix a memory leak, missing RSA_free().
* Tue Dec 23 2008 mauro@suse.de * Tue Dec 23 2008 mauro@suse.de
- Added bnc_442904.patch to fix bnc#442904. - Added bnc_442904.patch to fix bnc#442904.
+ Use the proper delete. + Use the proper delete.
* Mon Nov 03 2008 mauro@suse.de * Mon Nov 03 2008 mauro@suse.de
- Add bnc_439037.patch to fix bnc#439037. We now use strcmp - Add bnc_439037.patch to fix bnc#439037. We now use strcmp
instead of the original ==. instead of the original ==.
* Sat Oct 04 2008 mauro@suse.de * Fri Oct 03 2008 mauro@suse.de
- Add bnc-431510.patch to fix bnc#431510. - Add bnc-431510.patch to fix bnc#431510.
* Mon Sep 08 2008 mauro@suse.de * Mon Sep 08 2008 mauro@suse.de
- initial package for SuSE. boinc 6.2.18 (based on the enzokiel's - initial package for SuSE. boinc 6.2.18 (based on the enzokiel's