rpms/cyrus-sasl
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix memleak in backport

Browse Source 
Resolves: RHEL-62

Signed-off-by: Simo Sorce <simo@redhat.com>
This commit is contained in:
Simo Sorce 2022-08-01 09:07:41 -04:00
parent 66c6008b4d
commit d3ea93ab95
2 changed files with 29 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
cyrus-sasl-2.1.27-cumulative-digestmd5.patch
View File

@ -1,6 +1,6 @@
diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c
--- cyrus-sasl-2.1.27/plugins/digestmd5.c 2021-09-30 17:13:06.573093526 -0400 --- cyrus-sasl-2.1.27/plugins/digestmd5.c 2022-09-08 12:22:03.782961573 -0400
+++ cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c 2021-09-30 17:26:31.818378442 -0400 +++ cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c 2022-09-08 12:24:20.289994669 -0400
@@ -80,6 +80,12 @@ @@ -80,6 +80,12 @@
# endif # endif
#endif /* WITH_DES */ #endif /* WITH_DES */
@ -105,7 +105,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
/* setup dec context */ /* setup dec context */
c++; c++;
@@ -1102,60 +1114,139 @@ @@ -1102,34 +1114,83 @@
memcpy(c->ivec, ((char *) deckey) + 8, 8); memcpy(c->ivec, ((char *) deckey) + 8, 8);
@ -201,16 +201,14 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
} }
static int init_rc4(context_t *text, static int init_rc4(context_t *text,
unsigned char enckey[16], @@ -1139,23 +1200,57 @@
unsigned char deckey[16])
{
+ const EVP_CIPHER *cipher;
EVP_CIPHER_CTX *ctx; EVP_CIPHER_CTX *ctx;
int rc; int rc;
- ctx = EVP_CIPHER_CTX_new(); - ctx = EVP_CIPHER_CTX_new();
- if (ctx == NULL) return SASL_NOMEM; - if (ctx == NULL) return SASL_NOMEM;
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ EVP_CIPHER *cipher;
+ ossl3_context_t *ossl3_ctx; + ossl3_context_t *ossl3_ctx;
- rc = EVP_EncryptInit_ex(ctx, EVP_rc4(), NULL, enckey, NULL); - rc = EVP_EncryptInit_ex(ctx, EVP_rc4(), NULL, enckey, NULL);
@ -221,6 +219,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
+ ossl3_ctx = (ossl3_context_t *)text->crypto.libctx; + ossl3_ctx = (ossl3_context_t *)text->crypto.libctx;
+ cipher = EVP_CIPHER_fetch(ossl3_ctx->libctx, "RC4", ""); + cipher = EVP_CIPHER_fetch(ossl3_ctx->libctx, "RC4", "");
+#else +#else
+ const EVP_CIPHER *cipher;
+ cipher = EVP_rc4(); + cipher = EVP_rc4();
+#endif +#endif
@ -241,25 +240,28 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
+ goto done; + goto done;
+ } + }
+ text->crypto.enc_ctx = (void *)ctx; + text->crypto.enc_ctx = (void *)ctx;
+
- text->cipher_dec_context = (void *)ctx;
+ ctx = EVP_CIPHER_CTX_new(); + ctx = EVP_CIPHER_CTX_new();
+ if (ctx == NULL) { + if (ctx == NULL) {
+ rc = SASL_NOMEM; + rc = SASL_NOMEM;
+ goto done; + goto done;
+ } + }
+
- return SASL_OK;
+ rc = EVP_DecryptInit_ex(ctx, cipher, NULL, deckey, NULL); + rc = EVP_DecryptInit_ex(ctx, cipher, NULL, deckey, NULL);
+ if (rc != 1) { + if (rc != 1) {
+ rc = SASL_FAIL; + rc = SASL_FAIL;
+ goto done; + goto done;
+ } + }
+ text->crypto.dec_ctx = (void *)ctx; + text->crypto.dec_ctx = (void *)ctx;
+
- text->cipher_dec_context = (void *)ctx;
+ rc = SASL_OK; + rc = SASL_OK;
+
- return SASL_OK;
+done: +done:
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ EVP_CIPHER_free(cipher);
+#endif
+ if (rc != SASL_OK) { + if (rc != SASL_OK) {
+ free_rc4(text); + free_rc4(text);
+ } + }
@ -267,7 +269,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
} }
static int dec_rc4(context_t *text, static int dec_rc4(context_t *text,
@@ -1169,14 +1260,14 @@ @@ -1169,14 +1264,14 @@
int rc; int rc;
/* decrypt the text part & HMAC */ /* decrypt the text part & HMAC */
@ -284,7 +286,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
(unsigned char *)output + len, &len); (unsigned char *)output + len, &len);
if (rc != 1) return SASL_FAIL; if (rc != 1) return SASL_FAIL;
@@ -1198,7 +1289,7 @@ @@ -1198,7 +1293,7 @@
int len; int len;
int rc; int rc;
/* encrypt the text part */ /* encrypt the text part */
@ -293,7 +295,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
(unsigned char *)output, &len, (unsigned char *)output, &len,
(const unsigned char *)input, inputlen); (const unsigned char *)input, inputlen);
if (rc != 1) return SASL_FAIL; if (rc != 1) return SASL_FAIL;
@@ -1206,14 +1297,14 @@ @@ -1206,14 +1301,14 @@
*outputlen = len; *outputlen = len;
/* encrypt the `MAC part */ /* encrypt the `MAC part */
@ -310,7 +312,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
(unsigned char *)output + *outputlen, &len); (unsigned char *)output + *outputlen, &len);
if (rc != 1) return SASL_FAIL; if (rc != 1) return SASL_FAIL;
@@ -1221,188 +1312,11 @@ @@ -1221,188 +1316,11 @@
return SASL_OK; return SASL_OK;
} }
@ -499,7 +501,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
{ "rc4", 128, 16, 0x04, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 }, { "rc4", 128, 16, 0x04, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
#endif #endif
#ifdef WITH_DES #ifdef WITH_DES
@@ -2815,6 +2729,7 @@ @@ -2815,6 +2733,7 @@
} }
if (cptr->name) { if (cptr->name) {
@ -507,7 +509,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
text->cipher_enc = cptr->cipher_enc; text->cipher_enc = cptr->cipher_enc;
text->cipher_dec = cptr->cipher_dec; text->cipher_dec = cptr->cipher_dec;
text->cipher_init = cptr->cipher_init; text->cipher_init = cptr->cipher_init;
@@ -2958,7 +2873,10 @@ @@ -2958,7 +2877,10 @@
if (text->cipher_init) { if (text->cipher_init) {
if (text->cipher_init(text, enckey, deckey) != SASL_OK) { if (text->cipher_init(text, enckey, deckey) != SASL_OK) {
sparams->utils->seterror(sparams->utils->conn, 0, sparams->utils->seterror(sparams->utils->conn, 0,
@ -519,7 +521,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
} }
} }
} }
@@ -3509,6 +3427,7 @@ @@ -3509,6 +3431,7 @@
oparams->mech_ssf = ctext->cipher->ssf; oparams->mech_ssf = ctext->cipher->ssf;
nbits = ctext->cipher->n; nbits = ctext->cipher->n;
@ -527,7 +529,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
text->cipher_enc = ctext->cipher->cipher_enc; text->cipher_enc = ctext->cipher->cipher_enc;
text->cipher_dec = ctext->cipher->cipher_dec; text->cipher_dec = ctext->cipher->cipher_dec;
text->cipher_free = ctext->cipher->cipher_free; text->cipher_free = ctext->cipher->cipher_free;
@@ -3733,7 +3652,13 @@ @@ -3733,7 +3656,13 @@
/* initialize cipher if need be */ /* initialize cipher if need be */
if (text->cipher_init) { if (text->cipher_init) {

9
cyrus-sasl.spec
View File

@ -9,7 +9,7 @@
Summary: The Cyrus SASL library Summary: The Cyrus SASL library
Name: cyrus-sasl Name: cyrus-sasl
Version: 2.1.27 Version: 2.1.27
Release: 20%{?dist} Release: 21%{?dist}
License: BSD with advertising License: BSD with advertising
URL: https://www.cyrusimap.org/sasl/ URL: https://www.cyrusimap.org/sasl/
@ -401,11 +401,14 @@ getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir}
%{_sbindir}/sasl2-shared-mechlist %{_sbindir}/sasl2-shared-mechlist
%changelog %changelog
* Thu Feb 23 2022 Simo Sorce <simo@redhat.com> - 2.1.27-6 * Mon Aug 1 2022 Simo Sorce <simo@redhat.com> - 2.1.27-21
- Fix memleak
* Wed Feb 23 2022 Simo Sorce <simo@redhat.com> - 2.1.27-20
- Fix for CVE-2022-24407 - Fix for CVE-2022-24407
- Resolves: rhbz#2055848 - Resolves: rhbz#2055848
* Mon Feb 9 2022 Simo Sorce <simo@redhat.com> - 2.1.27-19 * Wed Feb 9 2022 Simo Sorce <simo@redhat.com> - 2.1.27-19
- Fix a memleak in one of the OpenSSL 3 compat patches - Fix a memleak in one of the OpenSSL 3 compat patches
found by covscan found by covscan