forked from rpms/openssl
pull in upstream patch for CVE-2014-0160
- removed CHANGES file portion from patch for expediency
This commit is contained in:
parent
239d122765
commit
e55cd2c0e4
108
openssl.git-96db902.patch
Normal file
108
openssl.git-96db902.patch
Normal file
@ -0,0 +1,108 @@
|
||||
From: Dr. Stephen Henson <steve@openssl.org>
|
||||
Date: Sat, 5 Apr 2014 23:51:06 +0000 (+0100)
|
||||
Subject: Add heartbeat extension bounds check.
|
||||
X-Git-Tag: OpenSSL_1_0_1g~3
|
||||
X-Git-Url: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=96db902
|
||||
|
||||
Add heartbeat extension bounds check.
|
||||
|
||||
A missing bounds check in the handling of the TLS heartbeat extension
|
||||
can be used to reveal up to 64k of memory to a connected client or
|
||||
server.
|
||||
|
||||
Thanks for Neel Mehta of Google Security for discovering this bug and to
|
||||
Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
|
||||
preparing the fix (CVE-2014-0160)
|
||||
---
|
||||
|
||||
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
|
||||
index 7a5596a..2e8cf68 100644
|
||||
--- a/ssl/d1_both.c
|
||||
+++ b/ssl/d1_both.c
|
||||
@@ -1459,26 +1459,36 @@ dtls1_process_heartbeat(SSL *s)
|
||||
unsigned int payload;
|
||||
unsigned int padding = 16; /* Use minimum padding */
|
||||
|
||||
- /* Read type and payload length first */
|
||||
- hbtype = *p++;
|
||||
- n2s(p, payload);
|
||||
- pl = p;
|
||||
-
|
||||
if (s->msg_callback)
|
||||
s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
|
||||
&s->s3->rrec.data[0], s->s3->rrec.length,
|
||||
s, s->msg_callback_arg);
|
||||
|
||||
+ /* Read type and payload length first */
|
||||
+ if (1 + 2 + 16 > s->s3->rrec.length)
|
||||
+ return 0; /* silently discard */
|
||||
+ hbtype = *p++;
|
||||
+ n2s(p, payload);
|
||||
+ if (1 + 2 + payload + 16 > s->s3->rrec.length)
|
||||
+ return 0; /* silently discard per RFC 6520 sec. 4 */
|
||||
+ pl = p;
|
||||
+
|
||||
if (hbtype == TLS1_HB_REQUEST)
|
||||
{
|
||||
unsigned char *buffer, *bp;
|
||||
+ unsigned int write_length = 1 /* heartbeat type */ +
|
||||
+ 2 /* heartbeat length */ +
|
||||
+ payload + padding;
|
||||
int r;
|
||||
|
||||
+ if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
|
||||
+ return 0;
|
||||
+
|
||||
/* Allocate memory for the response, size is 1 byte
|
||||
* message type, plus 2 bytes payload length, plus
|
||||
* payload, plus padding
|
||||
*/
|
||||
- buffer = OPENSSL_malloc(1 + 2 + payload + padding);
|
||||
+ buffer = OPENSSL_malloc(write_length);
|
||||
bp = buffer;
|
||||
|
||||
/* Enter response type, length and copy payload */
|
||||
@@ -1489,11 +1499,11 @@ dtls1_process_heartbeat(SSL *s)
|
||||
/* Random padding */
|
||||
RAND_pseudo_bytes(bp, padding);
|
||||
|
||||
- r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
|
||||
+ r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
|
||||
|
||||
if (r >= 0 && s->msg_callback)
|
||||
s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
|
||||
- buffer, 3 + payload + padding,
|
||||
+ buffer, write_length,
|
||||
s, s->msg_callback_arg);
|
||||
|
||||
OPENSSL_free(buffer);
|
||||
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
|
||||
index b82fada..bddffd9 100644
|
||||
--- a/ssl/t1_lib.c
|
||||
+++ b/ssl/t1_lib.c
|
||||
@@ -2588,16 +2588,20 @@ tls1_process_heartbeat(SSL *s)
|
||||
unsigned int payload;
|
||||
unsigned int padding = 16; /* Use minimum padding */
|
||||
|
||||
- /* Read type and payload length first */
|
||||
- hbtype = *p++;
|
||||
- n2s(p, payload);
|
||||
- pl = p;
|
||||
-
|
||||
if (s->msg_callback)
|
||||
s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
|
||||
&s->s3->rrec.data[0], s->s3->rrec.length,
|
||||
s, s->msg_callback_arg);
|
||||
|
||||
+ /* Read type and payload length first */
|
||||
+ if (1 + 2 + 16 > s->s3->rrec.length)
|
||||
+ return 0; /* silently discard */
|
||||
+ hbtype = *p++;
|
||||
+ n2s(p, payload);
|
||||
+ if (1 + 2 + payload + 16 > s->s3->rrec.length)
|
||||
+ return 0; /* silently discard per RFC 6520 sec. 4 */
|
||||
+ pl = p;
|
||||
+
|
||||
if (hbtype == TLS1_HB_REQUEST)
|
||||
{
|
||||
unsigned char *buffer, *bp;
|
@ -23,7 +23,7 @@
|
||||
Summary: Utilities from the general purpose cryptography library with TLS implementation
|
||||
Name: openssl
|
||||
Version: 1.0.1e
|
||||
Release: 43%{?dist}
|
||||
Release: 44%{?dist}
|
||||
Epoch: 1
|
||||
# We have to remove certain patented algorithms from the openssl source
|
||||
# tarball with the hobble-openssl script which is included below.
|
||||
@ -94,6 +94,8 @@ Patch86: openssl-1.0.1e-cve-2013-6449.patch
|
||||
Patch87: openssl-1.0.1e-cve-2013-6450.patch
|
||||
Patch88: openssl-1.0.1e-cve-2013-4353.patch
|
||||
Patch89: openssl-1.0.1e-ephemeral-key-size.patch
|
||||
# upstream patch for CVE-2014-0160
|
||||
Patch100: openssl.git-96db902.patch
|
||||
|
||||
License: OpenSSL
|
||||
Group: System Environment/Libraries
|
||||
@ -221,6 +223,7 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/
|
||||
%patch87 -p1 -b .dtls1-mitm
|
||||
%patch88 -p1 -b .handshake-crash
|
||||
%patch89 -p1 -b .ephemeral
|
||||
%patch100 -p1 -b .CVE-2014-0160
|
||||
|
||||
sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
|
||||
|
||||
@ -487,6 +490,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
||||
%postun libs -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Mon Apr 07 2014 Dennis Gilmore <dennis@ausil.us> - 1.0.1e-44
|
||||
- pull in upstream patch for CVE-2014-0160
|
||||
- removed CHANGES file portion from patch for expediency
|
||||
|
||||
* Thu Apr 3 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-43
|
||||
- add support for ppc64le architecture (#1072633)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user