Range-check input buffer length against maximum modulus size. For

RSA*Encrypt() routines, require 3 bytes extra space for PKCS tags.

From Bugtraq posting <3845D352.95E47E26@core-sdi.com>, by
Gerardo Richarte <core.lists.bugtraq@CORE-SDI.COM>, dated
Wed, 1 Dec 1999 23:09:12 -0300

If you build packages with USE_RSAREF2 set, it is advisable to update
the rsaref package and any packages which may depend on it (openssl,
pgp2, ssh).

2 files changed, 43 insertions, 7 deletions

diff --git a/security/rsaref/files/patch-sum b/security/rsaref/files/patch-sum
index b82a8d4b5bd..d89527bbbaa 100644
--- a/security/rsaref/files/patch-sum
+++ b/security/rsaref/files/patch-sum
@@ -1,4 +1,4 @@
-$NetBSD: patch-sum,v 1.1 1999/07/09 14:23:04 agc Exp $
+$NetBSD: patch-sum,v 1.2 1999/12/02 17:20:13 sommerfeld Exp $
 
 MD5 (patch-aa) = 3d1707a6b7076325f9b3686060b392b2
 MD5 (patch-ab) = f6d8972d7ea02a62d4f5ba0120d96bba
@@ -7,4 +7,4 @@ MD5 (patch-ad) = 910f5414202345b27b0e2b5673a92837
 MD5 (patch-ae) = b338ae75ce4c89fce35713215024fd7c
 MD5 (patch-af) = 88c571c7ff76b174fa5e12036794c0d4
 MD5 (patch-ag) = f060d7321eaa6899851214f095f0eda1
-MD5 (patch-ah) = 2d7c1f759b56a629efc53ba026da7893
+MD5 (patch-ah) = 63662bfdab838e07a627758999bfa157
diff --git a/security/rsaref/patches/patch-ah b/security/rsaref/patches/patch-ah
index 24bb20d57e3..4b074942627 100644
--- a/security/rsaref/patches/patch-ah
+++ b/security/rsaref/patches/patch-ah
@@ -1,7 +1,7 @@
-$NetBSD: patch-ah,v 1.1 1999/05/23 21:12:01 tv Exp $
+$NetBSD: patch-ah,v 1.2 1999/12/02 17:20:14 sommerfeld Exp $
 
---- ../source/rsa.c.orig	Sun May 23 16:57:34 1999
-+++ ../source/rsa.c	Sun May 23 16:57:58 1999
+--- ../source/rsa.c.orig	Fri Mar 25 14:01:48 1994
++++ ../source/rsa.c	Thu Dec  2 11:39:43 1999
 @@ -11,10 +11,10 @@
  #include "rsa.h"
  #include "nn.h"
@@ -15,7 +15,43 @@ $NetBSD: patch-ah,v 1.1 1999/05/23 21:12:01 tv Exp $
    ((unsigned char *, unsigned int *, unsigned char *, unsigned int,
      R_RSA_PRIVATE_KEY *));
  
-@@ -212,7 +212,7 @@
+@@ -33,6 +33,8 @@
+   unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
+   unsigned int i, modulusLen;
+   
++  if (inputLen+3>MAX_RSA_MODULUS_LEN) return (RE_LEN);
++
+   modulusLen = (publicKey->bits + 7) / 8;
+   if (inputLen + 11 > modulusLen)
+     return (RE_LEN);
+@@ -78,6 +80,8 @@
+   unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
+   unsigned int i, modulusLen, pkcsBlockLen;
+   
++  if (inputLen>MAX_RSA_MODULUS_LEN) return (RE_LEN);
++
+   modulusLen = (publicKey->bits + 7) / 8;
+   if (inputLen > modulusLen)
+     return (RE_LEN);
+@@ -129,6 +133,8 @@
+   unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
+   unsigned int i, modulusLen;
+   
++  if (inputLen+3>MAX_RSA_MODULUS_LEN) return (RE_LEN);
++
+   modulusLen = (privateKey->bits + 7) / 8;
+   if (inputLen + 11 > modulusLen)
+     return (RE_LEN);
+@@ -168,6 +174,8 @@
+   unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
+   unsigned int i, modulusLen, pkcsBlockLen;
+   
++  if (inputLen>MAX_RSA_MODULUS_LEN) return (RE_LEN);
++
+   modulusLen = (privateKey->bits + 7) / 8;
+   if (inputLen > modulusLen)
+     return (RE_LEN);
+@@ -212,7 +220,7 @@
     Assumes inputLen < length of modulus.
     Requires input < modulus.
   */
@@ -24,7 +60,7 @@ $NetBSD: patch-ah,v 1.1 1999/05/23 21:12:01 tv Exp $
  unsigned char *output;                                      /* output block */
  unsigned int *outputLen;                          /* length of output block */
  unsigned char *input;                                        /* input block */
-@@ -252,7 +252,7 @@
+@@ -252,7 +260,7 @@
     Assumes inputLen < length of modulus.
     Requires input < modulus.
   */