From e02a34a658f23dc91c34f61ac8c2f62cc043e57f Mon Sep 17 00:00:00 2001 From: Tomas Halman Date: Fri, 17 Mar 2023 14:45:56 +0100 Subject: [PATCH] Random memory override Resolves: rhbz#2072469 --- 0002-check-cjose_get_alloc.patch | 25 +++++++++++++++++++++++++ cjose.spec | 7 ++++++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 0002-check-cjose_get_alloc.patch diff --git a/0002-check-cjose_get_alloc.patch b/0002-check-cjose_get_alloc.patch new file mode 100644 index 0000000..bcf02f5 --- /dev/null +++ b/0002-check-cjose_get_alloc.patch @@ -0,0 +1,25 @@ +commit 54d449473b21e93805070264791e80f84f601b4d +Author: Hans Zandbelt +Date: Tue Apr 5 20:51:20 2022 +0200 + + check result of cek = cjose_get_alloc()(cek_len) in jwe.c + + see: https://github.com/cisco/cjose/issues/110 + + Signed-off-by: Hans Zandbelt + +diff --git a/src/jwe.c b/src/jwe.c +index 4285097..157ddec 100644 +--- a/src/jwe.c ++++ b/src/jwe.c +@@ -2064,6 +2064,10 @@ uint8_t *cjose_jwe_decrypt_multi(cjose_jwe_t *jwe, cjose_key_locator key_locator + { + cek_len = jwe->cek_len; + cek = cjose_get_alloc()(cek_len); ++ if (!cek) { ++ CJOSE_ERROR(err, CJOSE_ERR_NO_MEMORY); ++ return NULL; ++ } + memcpy(cek, jwe->cek, cek_len); + } + else diff --git a/cjose.spec b/cjose.spec index 876dad7..bdb8e98 100644 --- a/cjose.spec +++ b/cjose.spec @@ -1,6 +1,6 @@ Name: cjose Version: 0.6.1 -Release: 2%{?dist} +Release: 3%{?dist} Summary: C library implementing the Javascript Object Signing and Encryption (JOSE) License: MIT @@ -8,6 +8,7 @@ URL: https://github.com/cisco/cjose Source0: https://github.com/cisco/%{name}/archive/%{version}/%{name}-%{version}.tar.gz Patch1: concatkdf.patch +Patch2: 0002-check-cjose_get_alloc.patch BuildRequires: gcc BuildRequires: doxygen @@ -64,6 +65,10 @@ make check || (cat test/test-suite.log; exit 1) %changelog +* Fri Mar 17 2023 - 0.6.1-3 +- Random memory override + Resolves: rhbz#2072469 + * Thu Aug 2 2018 - 0.6.1-2 - fix concatkdf big endian architecture problem. Upstream issue #77.