commit: b76774f393a90f6a74371864ec4850f176373b4c |
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
AuthorDate: Fri Oct 4 14:04:47 2019 +0000 |
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
CommitDate: Fri Oct 4 15:48:15 2019 +0000 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b76774f3 |
|
dev-libs/openssl: fix mem leaks with BN_to_ASN1_INTEGER |
|
Package-Manager: Portage-2.3.76, Repoman-2.3.17 |
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> |
|
...x-potential-memleaks-w-BN_to_ASN1_INTEGER.patch | 107 +++++++++++++++++++++ |
dev-libs/openssl/openssl-1.1.1d-r1.ebuild | 1 + |
2 files changed, 108 insertions(+) |
|
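diff --git a/dev-libs/openssl/files/openssl-1.1.1d-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch b/dev-libs/openssl/files/openssl-1.1.1d-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch
new file mode 100644
index 00000000000..1f195d0384c
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1d-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch
@@ -0,0 +1,107 @@
+From 515c728dbaa92211d2eafb0041ab9fcd258fdc41 Mon Sep 17 00:00:00 2001
+From: Bernd Edlinger <bernd.edlinger@×××××××.de>
+Date: Mon, 9 Sep 2019 19:12:25 +0200
+Subject: [PATCH] Fix potential memory leaks with BN_to_ASN1_INTEGER
+
+Reviewed-by: Paul Dale <paul.dale@××××××.com>
+Reviewed-by: Matt Caswell <matt@×××××××.org>
+(Merged from https://github.com/openssl/openssl/pull/9833)
+
+(cherry picked from commit f28bc7d386b25fb75625d0c62c6b2e6d21de0d09)
+---
+ crypto/ec/ec_asn1.c | 7 +++++--
+ crypto/x509v3/v3_asid.c | 26 ++++++++++++++++++++------
+ 2 files changed, 25 insertions(+), 8 deletions(-)
+
+diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
+index 1ce1181fc10..7cbf8de9813 100644
+--- a/crypto/ec/ec_asn1.c
++++ b/crypto/ec/ec_asn1.c
+@@ -446,6 +446,7 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+ unsigned char *buffer = NULL;
+ const EC_POINT *point = NULL;
+ point_conversion_form_t form;
++ ASN1_INTEGER *orig;
+
+ if (params == NULL) {
+ if ((ret = ECPARAMETERS_new()) == NULL) {
+@@ -496,8 +497,9 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+ ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_EC_LIB);
+ goto err;
+ }
+- ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
++ ret->order = BN_to_ASN1_INTEGER(tmp, orig = ret->order);
+ if (ret->order == NULL) {
++ ret->order = orig;
+ ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
+ goto err;
+ }
+@@ -505,8 +507,9 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+ /* set the cofactor (optional) */
+ tmp = EC_GROUP_get0_cofactor(group);
+ if (tmp != NULL) {
+- ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
++ ret->cofactor = BN_to_ASN1_INTEGER(tmp, orig = ret->cofactor);
+ if (ret->cofactor == NULL) {
++ ret->cofactor = orig;
+ ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
+ goto err;
+ }
+diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
+index 089f2ae29f0..ef2d64826fb 100644
+--- a/crypto/x509v3/v3_asid.c
++++ b/crypto/x509v3/v3_asid.c
+@@ -256,6 +256,7 @@ static int extract_min_max(ASIdOrRange *aor,
+ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
+ {
+ ASN1_INTEGER *a_max_plus_one = NULL;
++ ASN1_INTEGER *orig;
+ BIGNUM *bn = NULL;
+ int i, ret = 0;
+
+@@ -298,9 +299,15 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
+ */
+ if ((bn == NULL && (bn = BN_new()) == NULL) ||
+ ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
+- !BN_add_word(bn, 1) ||
+- (a_max_plus_one =
+- BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
++ !BN_add_word(bn, 1)) {
++ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
++ ERR_R_MALLOC_FAILURE);
++ goto done;
++ }
++
++ if ((a_max_plus_one =
++ BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) {
++ a_max_plus_one = orig;
+ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
+ ERR_R_MALLOC_FAILURE);
+ goto done;
+@@ -351,6 +358,7 @@ int X509v3_asid_is_canonical(ASIdentifiers *asid)
+ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
+ {
+ ASN1_INTEGER *a_max_plus_one = NULL;
++ ASN1_INTEGER *orig;
+ BIGNUM *bn = NULL;
+ int i, ret = 0;
+
+@@ -416,9 +424,15 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
+ */
+ if ((bn == NULL && (bn = BN_new()) == NULL) ||
+ ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
+- !BN_add_word(bn, 1) ||
+- (a_max_plus_one =
+- BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
++ !BN_add_word(bn, 1)) {
++ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
++ ERR_R_MALLOC_FAILURE);
++ goto done;
++ }
++
++ if ((a_max_plus_one =
++ BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) {
++ a_max_plus_one = orig;
+ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+ ERR_R_MALLOC_FAILURE);
+ goto done;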
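Review bot: The saved pointer is assigned inside the argument list, `BN_to_ASN1_INTEGER(tmp, orig = ret->order)`, in both ec_asn1.c hunks and again in the two v3_asid.c hunks, which makes the restore-on-failure logic easy to misread even though the evaluation order is well defined. A separate statement reads more clearly: `orig = ret->order;` followed by `ret->order = BN_to_ASN1_INTEGER(tmp, orig);`. A short comment at each site, for example `/* a failed call returns NULL but does not free the object passed in; keep the pointer so cleanup still frees it */`, would record why the restore exists, since that contract is only implied by the fix. The `err` and `done` cleanup paths lie outside these hunks, so the claim that they release the restored pointer is inferred rather than visible here.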
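diff --git a/dev-libs/openssl/openssl-1.1.1d-r1.ebuild b/dev-libs/openssl/openssl-1.1.1d-r1.ebuild
index b9fd0c73a62..db1ec434fd7 100644
--- a/dev-libs/openssl/openssl-1.1.1d-r1.ebuild
+++ b/dev-libs/openssl/openssl-1.1.1d-r1.ebuild
@@ -46,6 +46,7 @@ PDEPEND="app-misc/ca-certificates"
 PATCHES=(
 "${FILESDIR}"/${PN}-1.1.0j-parallel_install_fix.patch #671602
 "${FILESDIR}"/${P}-fix-zlib.patch
+ "${FILESDIR}"/${P}-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch
 )
 
 S="${WORKDIR}/${MY_P}"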
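Review bot: The new patch is added to the existing `openssl-1.1.1d-r1.ebuild` in place, so machines that already built -r1 would presumably not be rebuilt with the leak fix. If that revision had already been published to users, a revision bump would be the way to get the fix onto them. The new PATCHES entry also carries no reference, unlike the `#671602` on the first entry; a trailing comment such as `# upstream PR 9833` would tell a later maintainer where it came from and that it is probably droppable at the next upstream release. The rest of the ebuild lies outside this hunk.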