svn commit: r191381 - head/crypto/openssl/crypto/asn1
releng/6.3 releng/6.3/crypto/openssl/crypto/asn1
releng/6.3/lib/libc/db/btree releng/6.3/lib/libc/db/hash
releng/6.3/lib/libc/db/mpool releng/6...
Max Laier
max at love2party.net
Sat Apr 25 03:24:49 UTC 2009
On Saturday 25 April 2009 00:18:19 Philip M. Gollucci wrote:
> I feel like it would better use svn to commit to head, stable/7, releng/7,
> stable/6, etc... seperately.
>
> I tried to diff -rPREV or grab a patch and it didn't help much cause it had
> all the different versions in it.
>
> Thoughts, RTFM ?
svn diff -c 191381 svn://svn.freebsd.org/base/{head,stable/{6,7}}
works like a charm.
> Colin Percival wrote:
> > Author: cperciva
> > Date: Wed Apr 22 14:07:14 2009
> > New Revision: 191381
> > URL: http://svn.freebsd.org/changeset/base/191381
> >
> > Log:
> > Don't leak information via uninitialized space in db(3) records.
> > [09:07]
> >
> > Sanity-check string lengths in order to stop OpenSSL crashing
> > when printing corrupt BMPString or UniversalString objects. [09:08]
> >
> > Security: FreeBSD-SA-09:07.libc
> > Security: FreeBSD-SA-09:08.openssl
> > Security: CVE-2009-0590
> > Approved by: re (kensmith)
> > Approved by: so (cperciva)
> >
> > Modified:
> > stable/7/crypto/openssl/crypto/asn1/asn1.h
> > stable/7/crypto/openssl/crypto/asn1/asn1_err.c
> > stable/7/crypto/openssl/crypto/asn1/tasn_dec.c
> >
> > Changes in other areas also in this revision:
> > Modified:
> > head/crypto/openssl/crypto/asn1/asn1.h
> > head/crypto/openssl/crypto/asn1/asn1_err.c
> > head/crypto/openssl/crypto/asn1/tasn_dec.c
> > releng/6.3/UPDATING
> > releng/6.3/crypto/openssl/crypto/asn1/asn1.h
> > releng/6.3/crypto/openssl/crypto/asn1/asn1_err.c
> > releng/6.3/crypto/openssl/crypto/asn1/tasn_dec.c
> > releng/6.3/lib/libc/db/btree/bt_split.c
> > releng/6.3/lib/libc/db/hash/hash_buf.c
> > releng/6.3/lib/libc/db/mpool/mpool.c
> > releng/6.3/sys/conf/newvers.sh
> > releng/6.4/UPDATING
> > releng/6.4/crypto/openssl/crypto/asn1/asn1.h
> > releng/6.4/crypto/openssl/crypto/asn1/asn1_err.c
> > releng/6.4/crypto/openssl/crypto/asn1/tasn_dec.c
> > releng/6.4/lib/libc/db/btree/bt_split.c
> > releng/6.4/lib/libc/db/hash/hash_buf.c
> > releng/6.4/lib/libc/db/mpool/mpool.c
> > releng/6.4/sys/conf/newvers.sh
> > releng/7.0/UPDATING
> > releng/7.0/crypto/openssl/crypto/asn1/asn1.h
> > releng/7.0/crypto/openssl/crypto/asn1/asn1_err.c
> > releng/7.0/crypto/openssl/crypto/asn1/tasn_dec.c
> > releng/7.0/lib/libc/db/btree/bt_split.c
> > releng/7.0/lib/libc/db/hash/hash_buf.c
> > releng/7.0/lib/libc/db/mpool/mpool.c
> > releng/7.0/sys/conf/newvers.sh
> > releng/7.1/UPDATING
> > releng/7.1/crypto/openssl/crypto/asn1/asn1.h
> > releng/7.1/crypto/openssl/crypto/asn1/asn1_err.c
> > releng/7.1/crypto/openssl/crypto/asn1/tasn_dec.c
> > releng/7.1/lib/libc/db/btree/bt_split.c
> > releng/7.1/lib/libc/db/hash/hash_buf.c
> > releng/7.1/lib/libc/db/mpool/mpool.c
> > releng/7.1/sys/conf/newvers.sh
> > releng/7.2/UPDATING
> > releng/7.2/crypto/openssl/crypto/asn1/asn1.h
> > releng/7.2/crypto/openssl/crypto/asn1/asn1_err.c
> > releng/7.2/crypto/openssl/crypto/asn1/tasn_dec.c
> > stable/6/crypto/openssl/crypto/asn1/asn1.h
> > stable/6/crypto/openssl/crypto/asn1/asn1_err.c
> > stable/6/crypto/openssl/crypto/asn1/tasn_dec.c
> >
> > Modified: stable/7/crypto/openssl/crypto/asn1/asn1.h
> > =========================================================================
> >===== --- stable/7/crypto/openssl/crypto/asn1/asn1.h Wed Apr 22 13:31:52
> > 2009 (r191380) +++ stable/7/crypto/openssl/crypto/asn1/asn1.h Wed Apr 22
> > 14:07:14 2009 (r191381) @@ -1134,6 +1134,7 @@ void
> > ERR_load_ASN1_strings(void);
> > #define ASN1_R_BAD_OBJECT_HEADER 102
> > #define ASN1_R_BAD_PASSWORD_READ 103
> > #define ASN1_R_BAD_TAG 104
> > +#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 210
> > #define ASN1_R_BN_LIB 105
> > #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
> > #define ASN1_R_BUFFER_TOO_SMALL 107
> > @@ -1213,6 +1214,7 @@ void ERR_load_ASN1_strings(void);
> > #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
> > #define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
> > #define ASN1_R_UNEXPECTED_EOC 159
> > +#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 211
> > #define ASN1_R_UNKNOWN_FORMAT 160
> > #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
> > #define ASN1_R_UNKNOWN_OBJECT_TYPE 162
> >
> > Modified: stable/7/crypto/openssl/crypto/asn1/asn1_err.c
> > =========================================================================
> >===== --- stable/7/crypto/openssl/crypto/asn1/asn1_err.c Wed Apr 22
> > 13:31:52 2009 (r191380) +++
> > stable/7/crypto/openssl/crypto/asn1/asn1_err.c Wed Apr 22 14:07:14
> > 2009 (r191381) @@ -188,6 +188,7 @@ static ERR_STRING_DATA
> > ASN1_str_reasons[
> > {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) ,"bad object header"},
> > {ERR_REASON(ASN1_R_BAD_PASSWORD_READ) ,"bad password read"},
> > {ERR_REASON(ASN1_R_BAD_TAG) ,"bad tag"},
> > +{ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),"bmpstring is wrong
> > length"}, {ERR_REASON(ASN1_R_BN_LIB) ,"bn lib"},
> > {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH),"boolean is wrong length"},
> > {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL) ,"buffer too small"},
> > @@ -267,6 +268,7 @@ static ERR_STRING_DATA ASN1_str_reasons[
> > {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa
> > key"}, {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),"unable to
> > decode rsa private key"}, {ERR_REASON(ASN1_R_UNEXPECTED_EOC)
> > ,"unexpected eoc"},
> > +{ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),"universalstring is
> > wrong length"}, {ERR_REASON(ASN1_R_UNKNOWN_FORMAT) ,"unknown
> > format"},
> > {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message
> > digest algorithm"}, {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) ,"unknown
> > object type"},
> >
> > Modified: stable/7/crypto/openssl/crypto/asn1/tasn_dec.c
> > =========================================================================
> >===== --- stable/7/crypto/openssl/crypto/asn1/tasn_dec.c Wed Apr 22
> > 13:31:52 2009 (r191380) +++
> > stable/7/crypto/openssl/crypto/asn1/tasn_dec.c Wed Apr 22 14:07:14
> > 2009 (r191381) @@ -1012,6 +1012,18 @@ int asn1_ex_c2i(ASN1_VALUE **pval,
> > const
> > case V_ASN1_SET:
> > case V_ASN1_SEQUENCE:
> > default:
> > + if (utype == V_ASN1_BMPSTRING && (len & 1))
> > + {
> > + ASN1err(ASN1_F_ASN1_EX_C2I,
> > + ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
> > + goto err;
> > + }
> > + if (utype == V_ASN1_UNIVERSALSTRING && (len & 3))
> > + {
> > + ASN1err(ASN1_F_ASN1_EX_C2I,
> > + ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
> > + goto err;
> > + }
> > /* All based on ASN1_STRING and handled the same */
> > if (!*pval)
> > {
> > _______________________________________________
> > svn-src-all at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/svn-src-all
> > To unsubscribe, send any mail to "svn-src-all-unsubscribe at freebsd.org"
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
More information about the svn-src-all
mailing list