authorsommerfeld <sommerfeld>1999-12-02 17:20:13 +0000
committersommerfeld <sommerfeld>1999-12-02 17:20:13 +0000
commitafce758319b194189ac9232b6e6fadb764906ace (patch)
tree30963947721ef527a755a9c3d1aa78ea3436432e /security/rsaref/patches
parent74aae51d0387349b786b4638bf643e740ed40f75 (diff)
downloadpkgsrc-afce758319b194189ac9232b6e6fadb764906ace.tar.gz
Range-check input buffer length against maximum modulus size. For
RSA*Encrypt() routines, require 3 bytes extra space for PKCS tags. From Bugtraq posting <3845D352.95E47E26@core-sdi.com>, by Gerardo Richarte <core.lists.bugtraq@CORE-SDI.COM>, dated Wed, 1 Dec 1999 23:09:12 -0300. If you build packages with USE_RSAREF2 set, it is advisable to update the rsaref package and any packages which may depend on it (openssl, pgp2, ssh).
Diffstat (limited to 'security/rsaref/patches')
-rw-r--r--security/rsaref/patches/patch-ah46
1 files changed, 41 insertions, 5 deletions
diff --git a/security/rsaref/patches/patch-ah b/security/rsaref/patches/patch-ah
index 24bb20d57e3..4b074942627 100644
--- a/security/rsaref/patches/patch-ah
+++ b/security/rsaref/patches/patch-ah
@@ -1,7 +1,7 @@
-$NetBSD: patch-ah,v 1.1 1999/05/23 21:12:01 tv Exp $
+$NetBSD: patch-ah,v 1.2 1999/12/02 17:20:14 sommerfeld Exp $
---- ../source/rsa.c.orig Sun May 23 16:57:34 1999
-+++ ../source/rsa.c Sun May 23 16:57:58 1999
+--- ../source/rsa.c.orig Fri Mar 25 14:01:48 1994
++++ ../source/rsa.c Thu Dec 2 11:39:43 1999
@@ -11,10 +11,10 @@
#include "rsa.h"
#include "nn.h"
@@ -15,7 +15,43 @@ $NetBSD: patch-ah,v 1.1 1999/05/23 21:12:01 tv Exp $
((unsigned char *, unsigned int *, unsigned char *, unsigned int,
R_RSA_PRIVATE_KEY *));
-@@ -212,7 +212,7 @@
+@@ -33,6 +33,8 @@
+ unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
+ unsigned int i, modulusLen;
+
++ if (inputLen+3>MAX_RSA_MODULUS_LEN) return (RE_LEN);
++
+ modulusLen = (publicKey->bits + 7) / 8;
+ if (inputLen + 11 > modulusLen)
+ return (RE_LEN);
+@@ -78,6 +80,8 @@
+ unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
+ unsigned int i, modulusLen, pkcsBlockLen;
+
++ if (inputLen>MAX_RSA_MODULUS_LEN) return (RE_LEN);
++
+ modulusLen = (publicKey->bits + 7) / 8;
+ if (inputLen > modulusLen)
+ return (RE_LEN);
+@@ -129,6 +133,8 @@
+ unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
+ unsigned int i, modulusLen;
+
++ if (inputLen+3>MAX_RSA_MODULUS_LEN) return (RE_LEN);
++
+ modulusLen = (privateKey->bits + 7) / 8;
+ if (inputLen + 11 > modulusLen)
+ return (RE_LEN);
+@@ -168,6 +174,8 @@
+ unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
+ unsigned int i, modulusLen, pkcsBlockLen;
+
++ if (inputLen>MAX_RSA_MODULUS_LEN) return (RE_LEN);
++
+ modulusLen = (privateKey->bits + 7) / 8;
+ if (inputLen > modulusLen)
+ return (RE_LEN);
+@@ -212,7 +220,7 @@
Assumes inputLen < length of modulus.
Requires input < modulus.
*/
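Review bot: The guards added at the +33 and +129 hunks evaluate `inputLen+3` in unsigned arithmetic, so a very large `inputLen` wraps to a small value and slips past both this check and the existing `inputLen + 11 > modulusLen` test on the following line, reaching the code below the hunk with an `inputLen` larger than `pkcsBlock`; comparing against the constant avoids the wrap: `if (inputLen > MAX_RSA_MODULUS_LEN - 3) return (RE_LEN);`. The four new lines (also the +78 and +168 ones) would read better in the file's own style, with spaces around operators and `return` on its own line, and a short why-comment such as `/* pkcsBlock is MAX_RSA_MODULUS_LEN bytes; bound inputLen by the buffer, not only by modulusLen */`. Since `modulusLen` is derived from `bits` with no visible bound against `MAX_RSA_MODULUS_BITS`, it is not clear from this hunk that later code using `modulusLen` as a length is covered by these checks; worth confirming in the full function bodies. Each of the four enclosing functions begins and continues outside the hunk.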
@@ -24,7 +60,7 @@ $NetBSD: patch-ah,v 1.1 1999/05/23 21:12:01 tv Exp $
unsigned char *output; /* output block */
unsigned int *outputLen; /* length of output block */
unsigned char *input; /* input block */
-@@ -252,7 +252,7 @@
+@@ -252,7 +260,7 @@
Assumes inputLen < length of modulus.
Requires input < modulus.
*/