svn commit: r327537 - in stable/8/crypto/openssl: crypto/asn1 crypto/bio crypto/bn crypto/dsa crypto/evp crypto/mdc2 crypto/x509 doc/apps ssl
Jung-uk Kim
jkim at FreeBSD.org
Thu Jan 4 01:21:26 UTC 2018
Author: jkim
Date: Thu Jan 4 01:21:24 2018
New Revision: 327537
URL: https://svnweb.freebsd.org/changeset/base/327537
Log:
MFS: r295060, r296462, r296597-296598, r299053, r306229, r306335, r308200
Sync. OpenSSL with stable/9.
r295060 (delphij):
Fix OpenSSL SSLv2 ciphersuite downgrade vulnerability. [SA-16:11]
r296462, r296597-296598 (delphij):
Fix multiple OpenSSL vulnerabilities. [SA-16:12]
r299053 (delphij):
Fix several OpenSSL vulnerabilities. [SA-16:17]
r306229, r306335 (delphij):
Fix multiple OpenSSL vulnerabilities. [SA-16:26]
r308200 (delphij):
Fix OpenSSL remote DoS vulnerability. [SA-16:35]
Requested by: danfe
Modified:
stable/8/crypto/openssl/crypto/asn1/a_type.c
stable/8/crypto/openssl/crypto/asn1/tasn_dec.c
stable/8/crypto/openssl/crypto/asn1/tasn_enc.c
stable/8/crypto/openssl/crypto/bio/b_print.c
stable/8/crypto/openssl/crypto/bn/bn.h
stable/8/crypto/openssl/crypto/bn/bn_exp.c
stable/8/crypto/openssl/crypto/bn/bn_print.c
stable/8/crypto/openssl/crypto/dsa/dsa_ossl.c
stable/8/crypto/openssl/crypto/evp/encode.c
stable/8/crypto/openssl/crypto/evp/evp_enc.c
stable/8/crypto/openssl/crypto/mdc2/mdc2dgst.c
stable/8/crypto/openssl/crypto/x509/x509_obj.c
stable/8/crypto/openssl/doc/apps/ciphers.pod
stable/8/crypto/openssl/ssl/d1_both.c
stable/8/crypto/openssl/ssl/d1_clnt.c
stable/8/crypto/openssl/ssl/d1_lib.c
stable/8/crypto/openssl/ssl/d1_pkt.c
stable/8/crypto/openssl/ssl/d1_srvr.c
stable/8/crypto/openssl/ssl/s2_lib.c
stable/8/crypto/openssl/ssl/s2_srvr.c
stable/8/crypto/openssl/ssl/s3_clnt.c
stable/8/crypto/openssl/ssl/s3_pkt.c
stable/8/crypto/openssl/ssl/s3_srvr.c
stable/8/crypto/openssl/ssl/ssl.h
stable/8/crypto/openssl/ssl/ssl3.h
stable/8/crypto/openssl/ssl/ssl_err.c
stable/8/crypto/openssl/ssl/ssl_lib.c
stable/8/crypto/openssl/ssl/ssl_locl.h
stable/8/crypto/openssl/ssl/ssl_sess.c
stable/8/crypto/openssl/ssl/t1_lib.c
Modified: stable/8/crypto/openssl/crypto/asn1/a_type.c
==============================================================================
--- stable/8/crypto/openssl/crypto/asn1/a_type.c Thu Jan 4 00:58:30 2018 (r327536)
+++ stable/8/crypto/openssl/crypto/asn1/a_type.c Thu Jan 4 01:21:24 2018 (r327537)
@@ -123,9 +123,7 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE
result = 0; /* They do not have content. */
break;
case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
case V_ASN1_BIT_STRING:
case V_ASN1_OCTET_STRING:
case V_ASN1_SEQUENCE:
Modified: stable/8/crypto/openssl/crypto/asn1/tasn_dec.c
==============================================================================
--- stable/8/crypto/openssl/crypto/asn1/tasn_dec.c Thu Jan 4 00:58:30 2018 (r327536)
+++ stable/8/crypto/openssl/crypto/asn1/tasn_dec.c Thu Jan 4 01:21:24 2018 (r327537)
@@ -901,9 +901,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char
break;
case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
tint = (ASN1_INTEGER **)pval;
if (!c2i_ASN1_INTEGER(tint, &cont, len))
goto err;
Modified: stable/8/crypto/openssl/crypto/asn1/tasn_enc.c
==============================================================================
--- stable/8/crypto/openssl/crypto/asn1/tasn_enc.c Thu Jan 4 00:58:30 2018 (r327536)
+++ stable/8/crypto/openssl/crypto/asn1/tasn_enc.c Thu Jan 4 01:21:24 2018 (r327537)
@@ -610,9 +610,7 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout
break;
case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
/*
* These are all have the same content format as ASN1_INTEGER
*/
Modified: stable/8/crypto/openssl/crypto/bio/b_print.c
==============================================================================
--- stable/8/crypto/openssl/crypto/bio/b_print.c Thu Jan 4 00:58:30 2018 (r327536)
+++ stable/8/crypto/openssl/crypto/bio/b_print.c Thu Jan 4 01:21:24 2018 (r327537)
@@ -122,20 +122,20 @@
# define LLONG long long
# endif
#else
-# define LLONG long
-#endif
-
-static void fmtstr(char **, char **, size_t *, size_t *,
- const char *, int, int, int);
-static void fmtint(char **, char **, size_t *, size_t *,
- LLONG, int, int, int, int);
-static void fmtfp(char **, char **, size_t *, size_t *,
- LDOUBLE, int, int, int);
-static void doapr_outch(char **, char **, size_t *, size_t *, int);
-static void _dopr(char **sbuffer, char **buffer,
- size_t *maxlen, size_t *retlen, int *truncated,
- const char *format, va_list args);
-
+# define LLONG long
+#endif
+
+static int fmtstr(char **, char **, size_t *, size_t *,
+ const char *, int, int, int);
+static int fmtint(char **, char **, size_t *, size_t *,
+ LLONG, int, int, int, int);
+static int fmtfp(char **, char **, size_t *, size_t *,
+ LDOUBLE, int, int, int);
+static int doapr_outch(char **, char **, size_t *, size_t *, int);
+static int _dopr(char **sbuffer, char **buffer,
+ size_t *maxlen, size_t *retlen, int *truncated,
+ const char *format, va_list args);
+
/* format read states */
#define DP_S_DEFAULT 0
#define DP_S_FLAGS 1
@@ -162,13 +162,13 @@ static void _dopr(char **sbuffer, char **buffer,
#define DP_C_LLONG 4
/* some handy macros */
-#define char_to_int(p) (p - '0')
-#define OSSL_MAX(p,q) ((p >= q) ? p : q)
-
-static void
-_dopr(char **sbuffer,
- char **buffer,
- size_t *maxlen,
+#define char_to_int(p) (p - '0')
+#define OSSL_MAX(p,q) ((p >= q) ? p : q)
+
+static int
+_dopr(char **sbuffer,
+ char **buffer,
+ size_t *maxlen,
size_t *retlen, int *truncated, const char *format, va_list args)
{
char ch;
@@ -193,13 +193,14 @@ _dopr(char **sbuffer,
switch (state) {
case DP_S_DEFAULT:
- if (ch == '%')
- state = DP_S_FLAGS;
- else
- doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
- ch = *format++;
- break;
- case DP_S_FLAGS:
+ if (ch == '%')
+ state = DP_S_FLAGS;
+ else
+ if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
+ return 0;
+ ch = *format++;
+ break;
+ case DP_S_FLAGS:
switch (ch) {
case '-':
flags |= DP_F_MINUS;
@@ -299,14 +300,15 @@ _dopr(char **sbuffer,
value = va_arg(args, LLONG);
break;
default:
- value = va_arg(args, int);
- break;
- }
- fmtint(sbuffer, buffer, &currlen, maxlen,
- value, 10, min, max, flags);
- break;
- case 'X':
- flags |= DP_F_UP;
+ value = va_arg(args, int);
+ break;
+ }
+ if (!fmtint(sbuffer, buffer, &currlen, maxlen, value, 10, min,
+ max, flags))
+ return 0;
+ break;
+ case 'X':
+ flags |= DP_F_UP;
/* FALLTHROUGH */
case 'x':
case 'o':
@@ -323,23 +325,25 @@ _dopr(char **sbuffer,
value = va_arg(args, unsigned LLONG);
break;
default:
- value = (LLONG) va_arg(args, unsigned int);
- break;
- }
- fmtint(sbuffer, buffer, &currlen, maxlen, value,
- ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
- min, max, flags);
- break;
- case 'f':
- if (cflags == DP_C_LDOUBLE)
- fvalue = va_arg(args, LDOUBLE);
- else
- fvalue = va_arg(args, double);
- fmtfp(sbuffer, buffer, &currlen, maxlen,
- fvalue, min, max, flags);
- break;
- case 'E':
- flags |= DP_F_UP;
+ value = (LLONG) va_arg(args, unsigned int);
+ break;
+ }
+ if (!fmtint(sbuffer, buffer, &currlen, maxlen, value,
+ ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
+ min, max, flags))
+ return 0;
+ break;
+ case 'f':
+ if (cflags == DP_C_LDOUBLE)
+ fvalue = va_arg(args, LDOUBLE);
+ else
+ fvalue = va_arg(args, double);
+ if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
+ flags))
+ return 0;
+ break;
+ case 'E':
+ flags |= DP_F_UP;
case 'e':
if (cflags == DP_C_LDOUBLE)
fvalue = va_arg(args, LDOUBLE);
@@ -352,30 +356,33 @@ _dopr(char **sbuffer,
if (cflags == DP_C_LDOUBLE)
fvalue = va_arg(args, LDOUBLE);
else
- fvalue = va_arg(args, double);
- break;
- case 'c':
- doapr_outch(sbuffer, buffer, &currlen, maxlen,
- va_arg(args, int));
- break;
- case 's':
- strvalue = va_arg(args, char *);
+ fvalue = va_arg(args, double);
+ break;
+ case 'c':
+ if(!doapr_outch(sbuffer, buffer, &currlen, maxlen,
+ va_arg(args, int)))
+ return 0;
+ break;
+ case 's':
+ strvalue = va_arg(args, char *);
if (max < 0) {
if (buffer)
max = INT_MAX;
- else
- max = *maxlen;
- }
- fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
- flags, min, max);
- break;
- case 'p':
- value = (long)va_arg(args, void *);
- fmtint(sbuffer, buffer, &currlen, maxlen,
- value, 16, min, max, flags | DP_F_NUM);
- break;
- case 'n': /* XXX */
- if (cflags == DP_C_SHORT) {
+ else
+ max = *maxlen;
+ }
+ if (!fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
+ flags, min, max))
+ return 0;
+ break;
+ case 'p':
+ value = (long)va_arg(args, void *);
+ if (!fmtint(sbuffer, buffer, &currlen, maxlen,
+ value, 16, min, max, flags | DP_F_NUM))
+ return 0;
+ break;
+ case 'n': /* XXX */
+ if (cflags == DP_C_SHORT) {
short int *num;
num = va_arg(args, short int *);
*num = currlen;
@@ -391,13 +398,14 @@ _dopr(char **sbuffer,
int *num;
num = va_arg(args, int *);
*num = currlen;
- }
- break;
- case '%':
- doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
- break;
- case 'w':
- /* not supported yet, treat as next char */
+ }
+ break;
+ case '%':
+ if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
+ return 0;
+ break;
+ case 'w':
+ /* not supported yet, treat as next char */
ch = *format++;
break;
default:
@@ -415,52 +423,62 @@ _dopr(char **sbuffer,
break;
}
}
- *truncated = (currlen > *maxlen - 1);
- if (*truncated)
- currlen = *maxlen - 1;
- doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0');
- *retlen = currlen - 1;
- return;
-}
-
-static void
-fmtstr(char **sbuffer,
- char **buffer,
- size_t *currlen,
- size_t *maxlen, const char *value, int flags, int min, int max)
-{
- int padlen, strln;
- int cnt = 0;
-
- if (value == 0)
- value = "<NULL>";
- for (strln = 0; value[strln]; ++strln) ;
- padlen = min - strln;
- if (padlen < 0)
- padlen = 0;
- if (flags & DP_F_MINUS)
- padlen = -padlen;
-
- while ((padlen > 0) && (cnt < max)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- --padlen;
- ++cnt;
- }
- while (*value && (cnt < max)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, *value++);
- ++cnt;
- }
- while ((padlen < 0) && (cnt < max)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- ++padlen;
- ++cnt;
- }
-}
-
-static void
-fmtint(char **sbuffer,
- char **buffer,
- size_t *currlen,
+ *truncated = (currlen > *maxlen - 1);
+ if (*truncated)
+ currlen = *maxlen - 1;
+ if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
+ return 0;
+ *retlen = currlen - 1;
+ return 1;
+}
+
+static int
+fmtstr(char **sbuffer,
+ char **buffer,
+ size_t *currlen,
+ size_t *maxlen, const char *value, int flags, int min, int max)
+{
+ int padlen;
+ size_t strln;
+ int cnt = 0;
+
+ if (value == 0)
+ value = "<NULL>";
+
+ strln = strlen(value);
+ if (strln > INT_MAX)
+ strln = INT_MAX;
+
+ padlen = min - strln;
+ if (min < 0 || padlen < 0)
+ padlen = 0;
+ if (flags & DP_F_MINUS)
+ padlen = -padlen;
+
+ while ((padlen > 0) && (cnt < max)) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ --padlen;
+ ++cnt;
+ }
+ while (*value && (cnt < max)) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++))
+ return 0;
+ ++cnt;
+ }
+ while ((padlen < 0) && (cnt < max)) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ ++padlen;
+ ++cnt;
+ }
+ return 1;
+}
+
+static int
+fmtint(char **sbuffer,
+ char **buffer,
+ size_t *currlen,
size_t *maxlen, LLONG value, int base, int min, int max, int flags)
{
int signvalue = 0;
@@ -514,43 +532,50 @@ fmtint(char **sbuffer,
}
if (flags & DP_F_MINUS)
spadlen = -spadlen;
-
- /* spaces */
- while (spadlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- --spadlen;
- }
-
- /* sign */
- if (signvalue)
- doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-
- /* prefix */
- while (*prefix) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix);
- prefix++;
- }
-
- /* zeros */
- if (zpadlen > 0) {
- while (zpadlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
- --zpadlen;
- }
- }
- /* digits */
- while (place > 0)
- doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]);
-
- /* left justified spaces */
- while (spadlen < 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- ++spadlen;
- }
- return;
-}
-
-static LDOUBLE abs_val(LDOUBLE value)
+
+ /* spaces */
+ while (spadlen > 0) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ --spadlen;
+ }
+
+ /* sign */
+ if (signvalue)
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
+ return 0;
+
+ /* prefix */
+ while (*prefix) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix))
+ return 0;
+ prefix++;
+ }
+
+ /* zeros */
+ if (zpadlen > 0) {
+ while (zpadlen > 0) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
+ return 0;
+ --zpadlen;
+ }
+ }
+ /* digits */
+ while (place > 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]))
+ return 0;
+ }
+
+ /* left justified spaces */
+ while (spadlen < 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ ++spadlen;
+ }
+ return 1;
+}
+
+static LDOUBLE abs_val(LDOUBLE value)
{
LDOUBLE result = value;
if (value < 0)
@@ -575,13 +600,13 @@ static long roundv(LDOUBLE value)
value = value - intpart;
if (value >= 0.5)
intpart++;
- return intpart;
-}
-
-static void
-fmtfp(char **sbuffer,
- char **buffer,
- size_t *currlen,
+ return intpart;
+}
+
+static int
+fmtfp(char **sbuffer,
+ char **buffer,
+ size_t *currlen,
size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags)
{
int signvalue = 0;
@@ -657,88 +682,108 @@ fmtfp(char **sbuffer,
padlen = 0;
if (flags & DP_F_MINUS)
padlen = -padlen;
-
- if ((flags & DP_F_ZERO) && (padlen > 0)) {
- if (signvalue) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
- --padlen;
- signvalue = 0;
- }
- while (padlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
- --padlen;
- }
- }
- while (padlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- --padlen;
- }
- if (signvalue)
- doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-
- while (iplace > 0)
- doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]);
-
- /*
- * Decimal point. This should probably use locale to find the correct
- * char to print out.
- */
- if (max > 0 || (flags & DP_F_NUM)) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '.');
-
- while (fplace > 0)
- doapr_outch(sbuffer, buffer, currlen, maxlen, fconvert[--fplace]);
- }
- while (zpadlen > 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
- --zpadlen;
- }
-
- while (padlen < 0) {
- doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
- ++padlen;
- }
-}
-
-static void
-doapr_outch(char **sbuffer,
- char **buffer, size_t *currlen, size_t *maxlen, int c)
-{
- /* If we haven't at least one buffer, someone has doe a big booboo */
- assert(*sbuffer != NULL || buffer != NULL);
-
- if (buffer) {
- while (*currlen >= *maxlen) {
- if (*buffer == NULL) {
- if (*maxlen == 0)
- *maxlen = 1024;
- *buffer = OPENSSL_malloc(*maxlen);
- if (*currlen > 0) {
- assert(*sbuffer != NULL);
- memcpy(*buffer, *sbuffer, *currlen);
- }
- *sbuffer = NULL;
- } else {
- *maxlen += 1024;
- *buffer = OPENSSL_realloc(*buffer, *maxlen);
- }
- }
- /* What to do if *buffer is NULL? */
- assert(*sbuffer != NULL || *buffer != NULL);
- }
-
- if (*currlen < *maxlen) {
- if (*sbuffer)
+
+ if ((flags & DP_F_ZERO) && (padlen > 0)) {
+ if (signvalue) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
+ return 0;
+ --padlen;
+ signvalue = 0;
+ }
+ while (padlen > 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
+ return 0;
+ --padlen;
+ }
+ }
+ while (padlen > 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ --padlen;
+ }
+ if (signvalue && !doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
+ return 0;
+
+ while (iplace > 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]))
+ return 0;
+ }
+
+ /*
+ * Decimal point. This should probably use locale to find the correct
+ * char to print out.
+ */
+ if (max > 0 || (flags & DP_F_NUM)) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '.'))
+ return 0;
+
+ while (fplace > 0) {
+ if(!doapr_outch(sbuffer, buffer, currlen, maxlen,
+ fconvert[--fplace]))
+ return 0;
+ }
+ }
+ while (zpadlen > 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
+ return 0;
+ --zpadlen;
+ }
+
+ while (padlen < 0) {
+ if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+ return 0;
+ ++padlen;
+ }
+ return 1;
+}
+
+#define BUFFER_INC 1024
+
+static int
+doapr_outch(char **sbuffer,
+ char **buffer, size_t *currlen, size_t *maxlen, int c)
+{
+ /* If we haven't at least one buffer, someone has doe a big booboo */
+ assert(*sbuffer != NULL || buffer != NULL);
+
+ /* |currlen| must always be <= |*maxlen| */
+ assert(*currlen <= *maxlen);
+
+ if (buffer && *currlen == *maxlen) {
+ if (*maxlen > INT_MAX - BUFFER_INC)
+ return 0;
+
+ *maxlen += BUFFER_INC;
+ if (*buffer == NULL) {
+ *buffer = OPENSSL_malloc(*maxlen);
+ if (*buffer == NULL)
+ return 0;
+ if (*currlen > 0) {
+ assert(*sbuffer != NULL);
+ memcpy(*buffer, *sbuffer, *currlen);
+ }
+ *sbuffer = NULL;
+ } else {
+ char *tmpbuf;
+ tmpbuf = OPENSSL_realloc(*buffer, *maxlen);
+ if (tmpbuf == NULL)
+ return 0;
+ *buffer = tmpbuf;
+ }
+ }
+
+ if (*currlen < *maxlen) {
+ if (*sbuffer)
(*sbuffer)[(*currlen)++] = (char)c;
else
- (*buffer)[(*currlen)++] = (char)c;
- }
+ (*buffer)[(*currlen)++] = (char)c;
+ }
+
+ return 1;
+}
+
+/***************************************************************************/
- return;
-}
-
-/***************************************************************************/
-
int BIO_printf(BIO *bio, const char *format, ...)
{
va_list args;
@@ -763,13 +808,17 @@ int BIO_vprintf(BIO *bio, const char *format, va_list
size_t hugebufsize = sizeof(hugebuf);
char *dynbuf = NULL;
int ignored;
-
- dynbuf = NULL;
- CRYPTO_push_info("doapr()");
- _dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format, args);
- if (dynbuf) {
- ret = BIO_write(bio, dynbuf, (int)retlen);
- OPENSSL_free(dynbuf);
+
+ dynbuf = NULL;
+ CRYPTO_push_info("doapr()");
+ if (!_dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format,
+ args)) {
+ OPENSSL_free(dynbuf);
+ return -1;
+ }
+ if (dynbuf) {
+ ret = BIO_write(bio, dynbuf, (int)retlen);
+ OPENSSL_free(dynbuf);
} else {
ret = BIO_write(bio, hugebuf, (int)retlen);
}
@@ -798,13 +847,14 @@ int BIO_snprintf(char *buf, size_t n, const char *form
int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
{
- size_t retlen;
- int truncated;
-
- _dopr(&buf, NULL, &n, &retlen, &truncated, format, args);
-
- if (truncated)
- /*
+ size_t retlen;
+ int truncated;
+
+ if(!_dopr(&buf, NULL, &n, &retlen, &truncated, format, args))
+ return -1;
+
+ if (truncated)
+ /*
* In case of truncation, return -1 like traditional snprintf.
* (Current drafts for ISO/IEC 9899 say snprintf should return the
* number of characters that would have been written, had the buffer
Modified: stable/8/crypto/openssl/crypto/bn/bn.h
==============================================================================
--- stable/8/crypto/openssl/crypto/bn/bn.h Thu Jan 4 00:58:30 2018 (r327536)
+++ stable/8/crypto/openssl/crypto/bn/bn.h Thu Jan 4 01:21:24 2018 (r327537)
@@ -69,12 +69,13 @@
*
*/
-#ifndef HEADER_BN_H
-# define HEADER_BN_H
-
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_FP_API
-# include <stdio.h> /* FILE */
+#ifndef HEADER_BN_H
+# define HEADER_BN_H
+
+# include <limits.h>
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_FP_API
+# include <stdio.h> /* FILE */
# endif
# include <openssl/ossl_typ.h>
@@ -701,14 +702,23 @@ const BIGNUM *BN_get0_nist_prime_224(void);
const BIGNUM *BN_get0_nist_prime_256(void);
const BIGNUM *BN_get0_nist_prime_384(void);
const BIGNUM *BN_get0_nist_prime_521(void);
-
-/* library internal functions */
-
-# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
- (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
-# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-# ifndef OPENSSL_NO_DEPRECATED
+
+/* library internal functions */
+
+# define bn_expand(a,bits) \
+ ( \
+ bits > (INT_MAX - BN_BITS2 + 1) ? \
+ NULL \
+ : \
+ (((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax) ? \
+ (a) \
+ : \
+ bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2) \
+ )
+
+# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
+BIGNUM *bn_expand2(BIGNUM *a, int words);
+# ifndef OPENSSL_NO_DEPRECATED
BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
# endif
Modified: stable/8/crypto/openssl/crypto/bn/bn_exp.c
==============================================================================
--- stable/8/crypto/openssl/crypto/bn/bn_exp.c Thu Jan 4 00:58:30 2018 (r327536)
+++ stable/8/crypto/openssl/crypto/bn/bn_exp.c Thu Jan 4 01:21:24 2018 (r327537)
@@ -110,6 +110,7 @@
*/
#include "cryptlib.h"
+#include "constant_time_locl.h"
#include "bn_lcl.h"
/* maximum precomputation table size for *variable* sliding windows */
@@ -523,9 +524,11 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const
static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int top,
unsigned char *buf, int idx,
- int width)
+ int window)
{
- size_t i, j;
+ int i, j;
+ int width = 1 << window;
+ BN_ULONG *table = (BN_ULONG *)buf;
if (bn_wexpand(b, top) == NULL)
return 0;
@@ -533,8 +536,8 @@ static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int
b->d[b->top++] = 0;
}
- for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
- buf[j] = ((unsigned char *)b->d)[i];
+ for (i = 0, j = idx; i < top; i++, j += width) {
+ table[j] = b->d[i];
}
bn_correct_top(b);
@@ -543,15 +546,51 @@ static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int
static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
unsigned char *buf, int idx,
- int width)
+ int window)
{
- size_t i, j;
+ int i, j;
+ int width = 1 << window;
+ volatile BN_ULONG *table = (volatile BN_ULONG *)buf;
if (bn_wexpand(b, top) == NULL)
return 0;
- for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
- ((unsigned char *)b->d)[i] = buf[j];
+ if (window <= 3) {
+ for (i = 0; i < top; i++, table += width) {
+ BN_ULONG acc = 0;
+
+ for (j = 0; j < width; j++) {
+ acc |= table[j] &
+ ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1));
+ }
+
+ b->d[i] = acc;
+ }
+ } else {
+ int xstride = 1 << (window - 2);
+ BN_ULONG y0, y1, y2, y3;
+
+ i = idx >> (window - 2); /* equivalent of idx / xstride */
+ idx &= xstride - 1; /* equivalent of idx % xstride */
+
+ y0 = (BN_ULONG)0 - (constant_time_eq_int(i,0)&1);
+ y1 = (BN_ULONG)0 - (constant_time_eq_int(i,1)&1);
+ y2 = (BN_ULONG)0 - (constant_time_eq_int(i,2)&1);
+ y3 = (BN_ULONG)0 - (constant_time_eq_int(i,3)&1);
+
+ for (i = 0; i < top; i++, table += width) {
+ BN_ULONG acc = 0;
+
+ for (j = 0; j < xstride; j++) {
+ acc |= ( (table[j + 0 * xstride] & y0) |
+ (table[j + 1 * xstride] & y1) |
+ (table[j + 2 * xstride] & y2) |
+ (table[j + 3 * xstride] & y3) )
+ & ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1));
+ }
+
+ b->d[i] = acc;
+ }
}
b->top = top;
@@ -648,7 +687,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM
*/
if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF(r, top, powerbuf, 0, numPowers))
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(r, top, powerbuf, 0, window))
goto err;
/* Initialize computeTemp as a^1 with montgomery precalcs */
@@ -667,7 +706,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM
goto err;
if (!BN_copy(computeTemp, am))
goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF(am, top, powerbuf, 1, numPowers))
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(am, top, powerbuf, 1, window))
goto err;
/*
@@ -682,8 +721,8 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM
if (!BN_mod_mul_montgomery
(computeTemp, am, computeTemp, mont, ctx))
goto err;
- if (!MOD_EXP_CTIME_COPY_TO_PREBUF
- (computeTemp, top, powerbuf, i, numPowers))
+ if (!MOD_EXP_CTIME_COPY_TO_PREBUF(computeTemp, top, powerbuf, i,
+ window))
goto err;
}
}
@@ -719,7 +758,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM
* Fetch the appropriate pre-computed value from the pre-buf
*/
if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
- (computeTemp, top, powerbuf, wvalue, numPowers))
+ (computeTemp, top, powerbuf, wvalue, window))
goto err;
/* Multiply the result into the intermediate result */
Modified: stable/8/crypto/openssl/crypto/bn/bn_print.c
==============================================================================
--- stable/8/crypto/openssl/crypto/bn/bn_print.c Thu Jan 4 00:58:30 2018 (r327536)
+++ stable/8/crypto/openssl/crypto/bn/bn_print.c Thu Jan 4 01:21:24 2018 (r327537)
@@ -55,13 +55,14 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
+
+#include <stdio.h>
+#include <ctype.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include "bn_lcl.h"
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include "bn_lcl.h"
-
static const char Hex[] = "0123456789ABCDEF";
/* Must 'OPENSSL_free' the returned data */
@@ -110,6 +111,7 @@ char *BN_bn2dec(const BIGNUM *a)
char *p;
BIGNUM *t = NULL;
BN_ULONG *bn_data = NULL, *lp;
+ int bn_data_num;
/*-
* get an upper bound for the length of the decimal integer
@@ -119,8 +121,8 @@ char *BN_bn2dec(const BIGNUM *a)
*/
i = BN_num_bits(a) * 3;
num = (i / 10 + i / 1000 + 1) + 1;
- bn_data =
- (BN_ULONG *)OPENSSL_malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG));
+ bn_data_num = num / BN_DEC_NUM + 1;
+ bn_data = OPENSSL_malloc(bn_data_num * sizeof(BN_ULONG));
buf = (char *)OPENSSL_malloc(num + 3);
if ((buf == NULL) || (bn_data == NULL)) {
BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
@@ -139,9 +141,12 @@ char *BN_bn2dec(const BIGNUM *a)
if (BN_is_negative(t))
*p++ = '-';
- i = 0;
while (!BN_is_zero(t)) {
+ if (lp - bn_data >= bn_data_num)
+ goto err;
*lp = BN_div_word(t, BN_DEC_CONV);
+ if (*lp == (BN_ULONG)-1)
+ goto err;
lp++;
}
lp--;
@@ -186,28 +191,32 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
if (*a == '-') {
neg = 1;
- a++;
- }
+ a++;
+ }
+
+ for (i = 0; i <= (INT_MAX/4) && isxdigit((unsigned char)a[i]); i++)
+ continue;
+
+ if (i > INT_MAX/4)
+ goto err;
+
+ num = i + neg;
+ if (bn == NULL)
+ return (num);
- for (i = 0; isxdigit((unsigned char)a[i]); i++) ;
-
- num = i + neg;
- if (bn == NULL)
- return (num);
-
/* a is the start of the hex digits, and it is 'i' long */
if (*bn == NULL) {
if ((ret = BN_new()) == NULL)
return (0);
} else {
ret = *bn;
- BN_zero(ret);
- }
-
- /* i is the number of hex digests; */
- if (bn_expand(ret, i * 4) == NULL)
- goto err;
-
+ BN_zero(ret);
+ }
+
+ /* i is the number of hex digits */
+ if (bn_expand(ret, i * 4) == NULL)
+ goto err;
+
j = i; /* least significant 'hex' */
m = 0;
h = 0;
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-stable-8
mailing list