[openssl/openssl] 6446cb: Fix BIO_f_cipher() flushing

Matt Caswell noreply at github.com
Thu Dec 22 10:10:04 UTC 2022 

  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.com/openssl/openssl
  Commit: 6446cb444c2a4fd8a12ccafe9329b1b1b268460d
      https://github.com/openssl/openssl/commit/6446cb444c2a4fd8a12ccafe9329b1b1b268460d
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-12-22 (Thu, 22 Dec 2022)

  Changed paths:
    M crypto/evp/bio_enc.c

  Log Message:
  -----------
  Fix BIO_f_cipher() flushing

If an error occurs during a flush on a BIO_f_cipher() then in some cases
we could get into an infinite loop. We add a check to make sure we are
making progress during flush and exit if not.

This issue was reported by Octavio Galland who also demonstrated an
infinite loop in CMS encryption as a result of this bug.

The security team has assessed this issue as not a CVE. This occurs on
*encryption* only which is typically processing trusted data. We are not
aware of a way to trigger this with untrusted data.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19920)


  Commit: 1354191dac44f9ac04c38fd9fb56287f00039b82
      https://github.com/openssl/openssl/commit/1354191dac44f9ac04c38fd9fb56287f00039b82
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-12-22 (Thu, 22 Dec 2022)

  Changed paths:
    M crypto/asn1/asn_mime.c

  Log Message:
  -----------
  Fix SMIME_crlf_copy() to properly report an error

If the BIO unexpectedly fails to flush then SMIME_crlf_copy() was not
correctly reporting the error. We modify it to properly propagate the
error condition.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19920)


  Commit: e913b911e04a6b276deb7d7553694ae2c1a563cc
      https://github.com/openssl/openssl/commit/e913b911e04a6b276deb7d7553694ae2c1a563cc
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-12-22 (Thu, 22 Dec 2022)

  Changed paths:
    M crypto/asn1/bio_asn1.c

  Log Message:
  -----------
  Fix BIO_f_asn1() to properly report some errors

Some things that may go wrong in asn1_bio_write() are serious errors
that should be reported as -1, rather than 0 (which just means "we wrote
no data").

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19920)


  Commit: 1d0fa26428d28339b561d511076aed7276b1aa18
      https://github.com/openssl/openssl/commit/1d0fa26428d28339b561d511076aed7276b1aa18
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-12-22 (Thu, 22 Dec 2022)

  Changed paths:
    M crypto/cms/cms_enc.c
    M crypto/cms/cms_err.c
    M crypto/err/openssl.txt
    M include/openssl/cmserr.h

  Log Message:
  -----------
  Ensure ossl_cms_EncryptedContent_init_bio() reports an error on no OID

If the cipher being used in ossl_cms_EncryptedContent_init_bio() has no
associated OID then we should report an error rather than continuing on
regardless. Continuing on still ends up failing - but later on and with a
more cryptic error message.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19920)


Compare: https://github.com/openssl/openssl/compare/ed8af0502167...1d0fa26428d2

More information about the openssl-commits mailing list