rpm/openssl
SHA256
1
0
Fork 0
forked from pool/openssl
Code Pull Requests Activity
6a3418284a
openssl/0024-Fixed-NULL-pointer-dereference-in-PKCS7_dataDecode-r.patch
Stephan Kulow 6a3418284a Accepting request 233553 from Base:System 
- Add upstream patches fixing coverity scan issues:
* 0018-fix-coverity-issues-966593-966596.patch
* 0020-Initialize-num-properly.patch
* 0022-bignum-allow-concurrent-BN_MONT_CTX_set_locked.patch
* 0023-evp-prevent-underflow-in-base64-decoding.patch
* 0024-Fixed-NULL-pointer-dereference-in-PKCS7_dataDecode-r.patch
* 0025-fix-coverity-issue-966597-error-line-is-not-always-i.patch
- Update 0001-libcrypto-Hide-library-private-symbols.patch
  to cover more private symbols, now 98% complete and probably
  not much more can be done to fix the rest of the ill-defined API.
- openssl-fips-hidden.patch new, hides private symbols added by the
  FIPS patches.
- openssl-no-egd.patch disable the EGD (entropy gathering daemon)
  interface, we have no EGD in the distro and obtaining entropy from
  a place other than /dev/*random, the hardware rng or the openSSL
  internal PRNG is an extremely bad & dangerous idea.
- use secure_getenv instead of getenv everywhere. (forwarded request 233217 from elvigia)

OBS-URL: https://build.opensuse.org/request/show/233553
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=117
2014-05-14 08:26:07 +00:00

64 lines
2.5 KiB
Diff
Raw Blame History

From c6a47f988c19093e4716d58dbed92938c18e1640 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Wed, 7 May 2014 23:21:02 +0100
Subject: [PATCH 24/25] Fixed NULL pointer dereference in PKCS7_dataDecode
reported by David Ramos in PR#3339
---
crypto/pkcs7/pk7_doit.c | 5 +++++
crypto/pkcs7/pkcs7.h | 1 +
crypto/pkcs7/pkcs7err.c | 3 ++-
3 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 4c12a9d..d91aa11 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -440,6 +440,11 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
{
case NID_pkcs7_signed:
data_body=PKCS7_get_octet_string(p7->d.sign->contents);
+ if (!PKCS7_is_detached(p7) && data_body == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_INVALID_SIGNED_DATA_TYPE);
+ goto err;
+ }
md_sk=p7->d.sign->md_algs;
break;
case NID_pkcs7_signedAndEnveloped:
diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h
index e4d4431..04f6037 100644
--- a/crypto/pkcs7/pkcs7.h
+++ b/crypto/pkcs7/pkcs7.h
@@ -453,6 +453,7 @@ void ERR_load_PKCS7_strings(void);
#define PKCS7_R_ERROR_SETTING_CIPHER 121
#define PKCS7_R_INVALID_MIME_TYPE 131
#define PKCS7_R_INVALID_NULL_POINTER 143
+#define PKCS7_R_INVALID_SIGNED_DATA_TYPE 155
#define PKCS7_R_MIME_NO_CONTENT_TYPE 132
#define PKCS7_R_MIME_PARSE_ERROR 133
#define PKCS7_R_MIME_SIG_PARSE_ERROR 134
diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c
index d0af32a..f3db08e 100644
--- a/crypto/pkcs7/pkcs7err.c
+++ b/crypto/pkcs7/pkcs7err.c
@@ -1,6 +1,6 @@
/* crypto/pkcs7/pkcs7err.c */
/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -130,6 +130,7 @@ static ERR_STRING_DATA PKCS7_str_reasons[]=
{ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER),"error setting cipher"},
{ERR_REASON(PKCS7_R_INVALID_MIME_TYPE) ,"invalid mime type"},
{ERR_REASON(PKCS7_R_INVALID_NULL_POINTER),"invalid null pointer"},
+{ERR_REASON(PKCS7_R_INVALID_SIGNED_DATA_TYPE),"invalid signed data type"},
{ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE),"mime no content type"},
{ERR_REASON(PKCS7_R_MIME_PARSE_ERROR) ,"mime parse error"},
{ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR),"mime sig parse error"},
--
1.8.4.5
View Git Blame Copy Permalink