[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Wed Apr 7 08:06:38 UTC 2021
The branch master has been updated
via 581c4b1d5357bdf858a6675ea0b3121731bca5c3 (commit)
via 080669804799b2fef788029555ac7b26f3e67881 (commit)
from 493e78986f9677c2b321273da51c276b9a8182d8 (commit)
- Log -----------------------------------------------------------------
commit 581c4b1d5357bdf858a6675ea0b3121731bca5c3
Author: Pauli <ppzgs1 at gmail.com>
Date: Sun Apr 4 13:58:22 2021 +1000
Ensure that the negative flag is correct set for ASN1 integer types.
Reported by: Scott McPeak <scott.g.mcpeak at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14768)
commit 080669804799b2fef788029555ac7b26f3e67881
Author: Pauli <ppzgs1 at gmail.com>
Date: Sun Apr 4 13:52:06 2021 +1000
Check for integer overflow in i2a_ASN1_OBJECT and error out if found.
Problem reported by Scott McPeak <scott.g.mcpeak at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14768)
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/a_int.c | 6 ++++--
crypto/asn1/a_object.c | 12 +++++++++---
crypto/asn1/asn1_err.c | 3 ++-
crypto/err/openssl.txt | 1 +
include/crypto/asn1err.h | 2 +-
include/openssl/asn1err.h | 1 +
6 files changed, 18 insertions(+), 7 deletions(-)
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 92c58b3418..6774ba627c 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -308,8 +308,10 @@ ASN1_INTEGER *ossl_c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
c2i_ibuf(ret->data, &neg, *pp, len);
- if (neg)
+ if (neg != 0)
ret->type |= V_ASN1_NEG;
+ else
+ ret->type &= ~V_ASN1_NEG;
*pp += len;
if (a != NULL)
@@ -317,7 +319,7 @@ ASN1_INTEGER *ossl_c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
return ret;
err:
ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
- if ((a == NULL) || (*a != ret))
+ if (a == NULL || *a != ret)
ASN1_INTEGER_free(ret);
return NULL;
}
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index 6967ab44e8..9d8f48b73c 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -190,6 +190,10 @@ int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a)
return BIO_write(bp, "NULL", 4);
i = i2t_ASN1_OBJECT(buf, sizeof(buf), a);
if (i > (int)(sizeof(buf) - 1)) {
+ if (i > INT_MAX - 1) { /* catch an integer overflow */
+ ERR_raise(ERR_LIB_ASN1, ASN1_R_LENGTH_TOO_LONG);
+ return -1;
+ }
if ((p = OPENSSL_malloc(i + 1)) == NULL) {
ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
return -1;
@@ -349,9 +353,11 @@ void ASN1_OBJECT_free(ASN1_OBJECT *a)
if (a == NULL)
return;
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
-#ifndef CONST_STRICT /* disable purely for compile-time strict
- * const checking. Doing this on a "real"
- * compile will cause memory leaks */
+#ifndef CONST_STRICT
+ /*
+ * Disable purely for compile-time strict const checking. Doing this
+ * on a "real" compile will cause memory leaks
+ */
OPENSSL_free((void*)a->sn);
OPENSSL_free((void*)a->ln);
#endif
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index 8957519cb2..af706e638e 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -109,6 +109,7 @@ static const ERR_STRING_DATA ASN1_str_reasons[] = {
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_UTF8STRING),
"invalid utf8string"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_VALUE), "invalid value"},
+ {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_LENGTH_TOO_LONG), "length too long"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_LIST_ERROR), "list error"},
{ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MIME_NO_CONTENT_TYPE),
"mime no content type"},
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index aed5b72cff..07439f7c4a 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -66,6 +66,7 @@ ASN1_R_INVALID_STRING_TABLE_VALUE:218:invalid string table value
ASN1_R_INVALID_UNIVERSALSTRING_LENGTH:133:invalid universalstring length
ASN1_R_INVALID_UTF8STRING:134:invalid utf8string
ASN1_R_INVALID_VALUE:219:invalid value
+ASN1_R_LENGTH_TOO_LONG:231:length too long
ASN1_R_LIST_ERROR:188:list error
ASN1_R_MIME_NO_CONTENT_TYPE:206:mime no content type
ASN1_R_MIME_PARSE_ERROR:207:mime parse error
diff --git a/include/crypto/asn1err.h b/include/crypto/asn1err.h
index 21800a0ac3..9b623555f8 100644
--- a/include/crypto/asn1err.h
+++ b/include/crypto/asn1err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
diff --git a/include/openssl/asn1err.h b/include/openssl/asn1err.h
index 1a20fe82c2..d4276220cb 100644
--- a/include/openssl/asn1err.h
+++ b/include/openssl/asn1err.h
@@ -81,6 +81,7 @@
# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
# define ASN1_R_INVALID_UTF8STRING 134
# define ASN1_R_INVALID_VALUE 219
+# define ASN1_R_LENGTH_TOO_LONG 231
# define ASN1_R_LIST_ERROR 188
# define ASN1_R_MIME_NO_CONTENT_TYPE 206
# define ASN1_R_MIME_PARSE_ERROR 207
More information about the openssl-commits
mailing list