pool/shim
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
94234ea7c9
shim/shim-fix-verify-eku.patch

33 lines
1.0 KiB
Diff
Raw Normal View History

Accepting request 834242 from home:gary_lin:branches:devel:openSUSE:Factory - Add shim-VLogError-Avoid-Null-pointer-dereferences.patch to fix VLogError crash in AArch64 (jsc#SLE-15824) - Add shim-fix-verify-eku.patch to fix the potential crash at verify_eku() (jsc#SLE-15824) - Add shim-do-not-write-string-literals.patch to fix the potential crash when accessing the DEFAULT_LOADER string (jsc#SLE-15824) OBS-URL: https://build.opensuse.org/request/show/834242 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=166
2020-09-14 10:23:32 +02:00
From 44b211bcf7ad58ff29e6495e1c3978e4660cb7d1 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 15 Jan 2019 18:04:34 -0500
Subject: [PATCH] OpenSSL: always provide OBJ_create() with name strings.
Some versions of OpenSSL seem to go back and forth as to whether NULL
for these names are okay. Don't risk it.
Signed-off-by: Peter Jones <pjones@redhat.com>
Upstream-commit-id: 46b76a01717
---
shim.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/shim.c b/shim.c
index a0eb19b..d7ee2b6 100644
--- a/shim.c
+++ b/shim.c
@@ -388,7 +388,9 @@ static BOOLEAN verify_eku(UINT8 *Cert, UINTN CertSize)
EXTENDED_KEY_USAGE *eku;
ASN1_OBJECT *module_signing;
- module_signing = OBJ_nid2obj(OBJ_create(OID_EKU_MODSIGN, NULL, NULL));
+ module_signing = OBJ_nid2obj(OBJ_create(OID_EKU_MODSIGN,
+ "modsign-eku",
+ "modsign-eku"));
x509 = d2i_X509 (NULL, &Temp, (long) CertSize);
if (x509 != NULL) {
--
2.28.0
Reference in New Issue Copy Permalink