author | sommerfeld <sommerfeld@pkgsrc.org> | 1999-11-12 14:10:52 +0000 |
---|---|---|
committer | sommerfeld <sommerfeld@pkgsrc.org> | 1999-11-12 14:10:52 +0000 |
commit | 952c8989150a3269e5360ce24bfa0838997b036e (patch) | |
tree | 40d775cd8d793a052f49cad66d7f4bf011e08f45 /security | |
parent | 340e896bb1b4c5424affd238fa12addd1ed0dbce (diff) | |
download | pkgsrc-952c8989150a3269e5360ce24bfa0838997b036e.tar.gz |
fix security problem with using RSAREF with ssh, reported in FreeBSD
PR14749 (missing range checks in rsaglue.c)
see http://www.freebsd.org/cgi/query-pr.cgi?pr=14749
Diffstat (limited to 'security')
-rw-r--r-- | security/ssh/files/patch-sum | 4 | ||||
-rw-r--r-- | security/ssh/files/patch-sum-v6 | 4 | ||||
-rw-r--r-- | security/ssh/patches/patch-aa | 30 |
3 files changed, 30 insertions, 8 deletions
diff --git a/security/ssh/files/patch-sum b/security/ssh/files/patch-sum index c2a344f2414..9c9ebe60276 100644 --- a/security/ssh/files/patch-sum +++ b/security/ssh/files/patch-sum @@ -1,6 +1,6 @@ -$NetBSD: patch-sum,v 1.7 1999/09/18 22:04:57 kim Exp $ +$NetBSD: patch-sum,v 1.8 1999/11/12 14:10:52 sommerfeld Exp $ -MD5 (patch-aa) = dca3a23f5066125131e34fba33baa4ae +MD5 (patch-aa) = 40b3db42f26cb0111ae0aa8522a0217c MD5 (patch-ab) = 9807586f0bcbc7e92045d40be272d585 MD5 (patch-ac) = 6ca9c5c5300c27a541928a2c2bc44388 MD5 (patch-ad) = 60483c735ff0e3c47e640002be0cee75 diff --git a/security/ssh/files/patch-sum-v6 b/security/ssh/files/patch-sum-v6 index 223659e662d..d3139e64ad6 100644 --- a/security/ssh/files/patch-sum-v6 +++ b/security/ssh/files/patch-sum-v6 @@ -1,6 +1,6 @@ -$NetBSD: patch-sum-v6,v 1.3 1999/09/18 22:04:57 kim Exp $ +$NetBSD: patch-sum-v6,v 1.4 1999/11/12 14:10:52 sommerfeld Exp $ -MD5 (patch-aa) = dca3a23f5066125131e34fba33baa4ae +MD5 (patch-aa) = 40b3db42f26cb0111ae0aa8522a0217c MD5 (patch-ab) = 9807586f0bcbc7e92045d40be272d585 MD5 (patch-ac) = 6ca9c5c5300c27a541928a2c2bc44388 MD5 (patch-ad) = 60483c735ff0e3c47e640002be0cee75 diff --git a/security/ssh/patches/patch-aa b/security/ssh/patches/patch-aa index 54a0fb926b5..7e7a1acf813 100644 --- a/security/ssh/patches/patch-aa +++ b/security/ssh/patches/patch-aa @@ -1,7 +1,7 @@ -$NetBSD: patch-aa,v 1.4 1998/08/07 11:13:48 agc Exp $ +$NetBSD: patch-aa,v 1.5 1999/11/12 14:10:53 sommerfeld Exp $ ---- rsaglue.c.orig Tue Jan 20 07:24:08 1998 -+++ rsaglue.c Tue Feb 17 12:30:15 1998 +--- rsaglue.c.orig Wed May 12 07:19:28 1999 ++++ rsaglue.c Fri Nov 12 08:40:02 1999 @@ -71,8 +71,7 @@ interface without modifying RSAREF. */ 
@@ -9,6 +9,28 @@ $NetBSD: patch-aa,v 1.4 1998/08/07 11:13:48 agc Exp $ -#include "rsaref2/source/global.h" -#include "rsaref2/source/rsaref.h" +#include <rsaref/rsaref.h> - + /* Convert an integer from gmp to rsaref representation. */ +@@ -139,6 +138,10 @@ + + input_bits = mpz_sizeinbase(input, 2); + input_len = (input_bits + 7) / 8; ++ if (input_len >= MAX_RSA_MODULUS_LEN) ++ fatal("Input data has too many bits for RSAREF to handle (max %d).", ++ MAX_RSA_MODULUS_BITS); ++ + gmp_to_rsaref(input_data, input_len, input); + + rsaref_public_key(&public_key, key); +@@ -172,6 +175,10 @@ + + input_bits = mpz_sizeinbase(input, 2); + input_len = (input_bits + 7) / 8; ++ if (input_len >= MAX_RSA_MODULUS_LEN) ++ fatal("Input data has too many bits for RSAREF to handle (max %d).", ++ MAX_RSA_MODULUS_BITS); ++ + gmp_to_rsaref(input_data, input_len, input); + + rsaref_private_key(&private_key, key); |
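Review bot: In both added checks (the rsaglue.c hunks at -139 and -172) the test is on a byte count, `input_len >= MAX_RSA_MODULUS_LEN`, while the fatal() message reports a limit in bits via MAX_RSA_MODULUS_BITS. If the byte limit is the bit limit rounded up, an input of exactly the advertised maximum size is refused. The enclosing functions and the declaration of input_data lie outside the hunk, so it cannot be confirmed from here whether that extra byte of margin is required. If it is deliberate, a comment above each check such as `/* gmp_to_rsaref() writes input_len bytes into input_data; >= keeps one byte of margin */` would record the intent. Assuming input_data is a local array, tying the guard to the buffer with `if (input_len > sizeof(input_data))` would keep it correct if the buffer size ever changes. It is also worth confirming that the key passed to rsaref_public_key() and rsaref_private_key() is range-checked in the same way, since the hunk only bounds the input value.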