[openssl] master update

tomas at openssl.org tomas at openssl.org
Tue Jul 20 07:41:19 UTC 2021 

The branch master has been updated
       via  c5dc9ab965f2a69bca964c709e648158f3e4cd67 (commit)
      from  718d55f43fb9c076c88ea1be4abe86b0f46a10d2 (commit)


- Log -----------------------------------------------------------------
commit c5dc9ab965f2a69bca964c709e648158f3e4cd67
Author: Ingo Schwarze <schwarze at openbsd.org>
Date:   Sun Jul 18 17:48:06 2021 +0200

    Fix a read buffer overrun in X509_aux_print().
    
    The ASN1_STRING_get0_data(3) manual explitely cautions the reader
    that the data is not necessarily NUL-terminated, and the function
    X509_alias_set1(3) does not sanitize the data passed into it in any
    way either, so we must assume the return value from X509_alias_get0(3)
    is merely a byte array and not necessarily a string in the sense
    of the C language.
    
    I found this bug while writing manual pages for X509_print_ex(3)
    and related functions.  Theo Buehler <tb at openbsd.org> checked my
    patch to fix the same bug in LibreSSL, see
    
    http://cvsweb.openbsd.org/src/lib/libcrypto/asn1/t_x509a.c#rev1.9
    
    As an aside, note that the function still produces incomplete and
    misleading results when the data contains a NUL byte in the middle
    and that error handling is consistently absent throughout, even
    though the function provides an "int" return value obviously intended
    to be 1 for success and 0 for failure, and even though this function
    is called by another function that also wants to return 1 for success
    and 0 for failure and even does so in many of its code paths, though
    not in others.  But let's stay focussed.  Many things would be nice
    to have in the wide wild world, but a buffer overflow must not be
    allowed to remain in our backyard.
    
    CLA: trivial
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16108)

-----------------------------------------------------------------------

Summary of changes:
 crypto/x509/t_x509.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c
index 69b04e74eb..95ee5f519f 100644
--- a/crypto/x509/t_x509.c
+++ b/crypto/x509/t_x509.c
@@ -380,9 +380,9 @@ int X509_aux_print(BIO *out, X509 *x, int indent)
         BIO_puts(out, "\n");
     } else
         BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
-    alias = X509_alias_get0(x, NULL);
+    alias = X509_alias_get0(x, &i);
     if (alias)
-        BIO_printf(out, "%*sAlias: %s\n", indent, "", alias);
+        BIO_printf(out, "%*sAlias: %.*s\n", indent, "", i, alias);
     keyid = X509_keyid_get0(x, &keyidlen);
     if (keyid) {
         BIO_printf(out, "%*sKey Id: ", indent, "");

More information about the openssl-commits mailing list