forked from rpms/openssl
64 lines
1.9 KiB
Diff
64 lines
1.9 KiB
Diff
|
From 2f7530077e0ef79d98718138716bc51ca0cad658 Mon Sep 17 00:00:00 2001
|
||
|
From: Hugo Landau <hlandau@openssl.org>
|
||
|
Date: Tue, 17 Jan 2023 17:45:42 +0000
|
||
|
Subject: [PATCH 14/18] CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address
|
||
|
(3.0)
|
||
|
|
||
|
Reviewed-by: Paul Dale <pauli@openssl.org>
|
||
|
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
||
|
---
|
||
|
CHANGES.md | 19 +++++++++++++++++++
|
||
|
crypto/x509/v3_genn.c | 2 +-
|
||
|
include/openssl/x509v3.h.in | 2 +-
|
||
|
test/v3nametest.c | 8 ++++++++
|
||
|
4 files changed, 29 insertions(+), 2 deletions(-)
|
||
|
|
||
|
diff --git a/crypto/x509/v3_genn.c b/crypto/x509/v3_genn.c
|
||
|
index c0a7166cd0..1741c2d2f6 100644
|
||
|
--- a/crypto/x509/v3_genn.c
|
||
|
+++ b/crypto/x509/v3_genn.c
|
||
|
@@ -98,7 +98,7 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
|
||
|
return -1;
|
||
|
switch (a->type) {
|
||
|
case GEN_X400:
|
||
|
- result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
|
||
|
+ result = ASN1_STRING_cmp(a->d.x400Address, b->d.x400Address);
|
||
|
break;
|
||
|
|
||
|
case GEN_EDIPARTY:
|
||
|
diff --git a/include/openssl/x509v3.h.in b/include/openssl/x509v3.h.in
|
||
|
index d00a66a343..c087e3cf92 100644
|
||
|
--- a/include/openssl/x509v3.h.in
|
||
|
+++ b/include/openssl/x509v3.h.in
|
||
|
@@ -154,7 +154,7 @@ typedef struct GENERAL_NAME_st {
|
||
|
OTHERNAME *otherName; /* otherName */
|
||
|
ASN1_IA5STRING *rfc822Name;
|
||
|
ASN1_IA5STRING *dNSName;
|
||
|
- ASN1_TYPE *x400Address;
|
||
|
+ ASN1_STRING *x400Address;
|
||
|
X509_NAME *directoryName;
|
||
|
EDIPARTYNAME *ediPartyName;
|
||
|
ASN1_IA5STRING *uniformResourceIdentifier;
|
||
|
diff --git a/test/v3nametest.c b/test/v3nametest.c
|
||
|
index 6d2e2f8e27..0341995dde 100644
|
||
|
--- a/test/v3nametest.c
|
||
|
+++ b/test/v3nametest.c
|
||
|
@@ -644,6 +644,14 @@ static struct gennamedata {
|
||
|
0xb7, 0x09, 0x02, 0x02
|
||
|
},
|
||
|
15
|
||
|
+ }, {
|
||
|
+ /*
|
||
|
+ * Regression test for CVE-2023-0286.
|
||
|
+ */
|
||
|
+ {
|
||
|
+ 0xa3, 0x00
|
||
|
+ },
|
||
|
+ 2
|
||
|
}
|
||
|
};
|
||
|
|
||
|
--
|
||
|
2.39.1
|
||
|
|