author | sommerfeld <sommerfeld> | 1999-12-14 21:43:05 +0000 |
---|---|---|
committer | sommerfeld <sommerfeld> | 1999-12-14 21:43:05 +0000 |
commit | 66476d2d7b67200713244abe7ce17e017496001a (patch) | |
tree | 4642ead2ca3015369e78a2646cf30c0c1305f958 /security/rsaref/patches | |
parent | fc998a6ade0a9989cb4ae4ae11ec6c85d34258b8 (diff) | |
Revised buffer-overrun fix from CERT CA-99-15
(believed more complete than previous fix).
Diffstat (limited to 'security/rsaref/patches')
-rw-r--r-- | security/rsaref/patches/patch-ah | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/security/rsaref/patches/patch-ah b/security/rsaref/patches/patch-ah index 4b074942627..e3106291593 100644 --- a/security/rsaref/patches/patch-ah +++ b/security/rsaref/patches/patch-ah @@ -1,7 +1,7 @@ -$NetBSD: patch-ah,v 1.2 1999/12/02 17:20:14 sommerfeld Exp $ +$NetBSD: patch-ah,v 1.3 1999/12/14 21:43:06 sommerfeld Exp $ --- ../source/rsa.c.orig Fri Mar 25 14:01:48 1994 -+++ ../source/rsa.c Thu Dec 2 11:39:43 1999 ++++ ../source/rsa.c Tue Dec 14 16:28:19 1999 @@ -11,10 +11,10 @@ #include "rsa.h" #include "nn.h" 
@@ -15,43 +15,47 @@ $NetBSD: patch-ah,v 1.2 1999/12/02 17:20:14 sommerfeld Exp $ ((unsigned char *, unsigned int *, unsigned char *, unsigned int, R_RSA_PRIVATE_KEY *)); -@@ -33,6 +33,8 @@ +@@ -33,6 +33,9 @@ unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN]; unsigned int i, modulusLen; + if (inputLen+3>MAX_RSA_MODULUS_LEN) return (RE_LEN); ++ if (publicKey->bits > MAX_RSA_MODULUS_BITS) return (RE_LEN); + modulusLen = (publicKey->bits + 7) / 8; if (inputLen + 11 > modulusLen) return (RE_LEN); -@@ -78,6 +80,8 @@ +@@ -78,6 +81,9 @@ unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; unsigned int i, modulusLen, pkcsBlockLen; + if (inputLen>MAX_RSA_MODULUS_LEN) return (RE_LEN); ++ if (publicKey->bits > MAX_RSA_MODULUS_BITS) return (RE_LEN); + modulusLen = (publicKey->bits + 7) / 8; if (inputLen > modulusLen) return (RE_LEN); -@@ -129,6 +133,8 @@ +@@ -129,6 +135,9 @@ unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; unsigned int i, modulusLen; + if (inputLen+3>MAX_RSA_MODULUS_LEN) return (RE_LEN); ++ if (privateKey->bits > MAX_RSA_MODULUS_BITS) return (RE_LEN); + modulusLen = (privateKey->bits + 7) / 8; if (inputLen + 11 > modulusLen) return (RE_LEN); -@@ -168,6 +174,8 @@ +@@ -168,6 +177,9 @@ unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN]; unsigned int i, modulusLen, pkcsBlockLen; + if (inputLen>MAX_RSA_MODULUS_LEN) return (RE_LEN); ++ if (privateKey->bits > MAX_RSA_MODULUS_BITS) return (RE_LEN); + modulusLen = (privateKey->bits + 7) / 8; if (inputLen > modulusLen) return (RE_LEN); -@@ -212,7 +220,7 @@ +@@ -212,7 +224,7 @@ Assumes inputLen < length of modulus. Requires input < modulus. */ @@ -60,7 +64,7 @@ $NetBSD: patch-ah,v 1.2 1999/12/02 17:20:14 sommerfeld Exp $ unsigned char *output; /* output block */ unsigned int *outputLen; /* length of output block */ unsigned char *input; /* input block */ -@@ -252,7 +260,7 @@ +@@ -252,7 +264,7 @@ Assumes inputLen < length of modulus. Requires input < modulus. */ |
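Review bot: The two encrypt-side length guards kept in this hunk, `if (inputLen+3>MAX_RSA_MODULUS_LEN)` and the following `if (inputLen + 11 > modulusLen)` (inner hunks at -33 and -129), add to the unsigned `inputLen`, so a length close to UINT_MAX wraps to a small value and passes both tests. The added `bits > MAX_RSA_MODULUS_BITS` check bounds `modulusLen` but does not cover this. Writing the comparisons without the addition closes it: `if (inputLen > MAX_RSA_MODULUS_LEN - 3) return (RE_LEN);` and `if (modulusLen < 11 || inputLen > modulusLen - 11) return (RE_LEN);`. The prototype context shows the length parameter as `unsigned int`, but the function bodies start and end outside the hunk, so whether such a length can reach the copy into `pkcsBlock` should be confirmed against the full rsa.c.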