openssl 0.9.8g-15+lenny7
Hi,
I'll be uploading a new version of openssl to proposed-updates
soon. This fixes a security issue. Could you please review
and approve this?
The diff is attached.
Kurt
diff -u openssl-0.9.8g/debian/changelog openssl-0.9.8g/debian/changelog
--- openssl-0.9.8g/debian/changelog
+++ openssl-0.9.8g/debian/changelog
@@ -1,3 +1,10 @@
+openssl (0.9.8g-15+lenny7) stable-security; urgency=low
+
+ * Check return type of bn_wexpand(). Fixes CVE-2009-3245
+ (Closes: #575433)
+
+ -- Kurt Roeckx <kurt@roeckx.be> Mon, 07 Jun 2010 20:30:01 +0200
+
openssl (0.9.8g-15+lenny6) stable-security; urgency=low
* Clean up zlib state so that it will be reinitialized on next use and
only in patch2:
unchanged:
--- openssl-0.9.8g.orig/engines/e_ubsec.c
+++ openssl-0.9.8g/engines/e_ubsec.c
@@ -934,7 +934,7 @@
priv_key = BN_new();
if (priv_key == NULL) goto err;
priv_key_len = BN_num_bits(dh->p);
- bn_wexpand(priv_key, dh->p->top);
+ if(bn_wexpand(priv_key, dh->p->top) == NULL) goto err;
do
if (!BN_rand_range(priv_key, dh->p)) goto err;
while (BN_is_zero(priv_key));
@@ -949,7 +949,7 @@
{
pub_key = BN_new();
pub_key_len = BN_num_bits(dh->p);
- bn_wexpand(pub_key, dh->p->top);
+ if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err;
if(pub_key == NULL) goto err;
}
else
only in patch2:
unchanged:
--- openssl-0.9.8g.orig/crypto/ec/ec2_smpl.c
+++ openssl-0.9.8g/crypto/ec/ec2_smpl.c
@@ -174,8 +174,10 @@
dest->poly[2] = src->poly[2];
dest->poly[3] = src->poly[3];
dest->poly[4] = src->poly[4];
- bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2);
- bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2);
+ if(bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL)
+ return 0;
+ if(bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL)
+ return 0;
for (i = dest->a.top; i < dest->a.dmax; i++) dest->a.d[i] = 0;
for (i = dest->b.top; i < dest->b.dmax; i++) dest->b.d[i] = 0;
return 1;
@@ -199,12 +201,12 @@
/* group->a */
if (!BN_GF2m_mod_arr(&group->a, a, group->poly)) goto err;
- bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2);
+ if(bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err;
for (i = group->a.top; i < group->a.dmax; i++) group->a.d[i] = 0;
/* group->b */
if (!BN_GF2m_mod_arr(&group->b, b, group->poly)) goto err;
- bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2);
+ if(bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err;
for (i = group->b.top; i < group->b.dmax; i++) group->b.d[i] = 0;
ret = 1;
only in patch2:
unchanged:
--- openssl-0.9.8g.orig/crypto/bn/bn_div.c
+++ openssl-0.9.8g/crypto/bn/bn_div.c
@@ -102,7 +102,7 @@
/* The next 2 are needed so we can do a dv->d[0]|=1 later
* since BN_lshift1 will only work once there is a value :-) */
BN_zero(dv);
- bn_wexpand(dv,1);
+ if(bn_wexpand(dv,1) == NULL) goto end;
dv->top=1;
if (!BN_lshift(D,D,nm-nd)) goto end;
only in patch2:
unchanged:
--- openssl-0.9.8g.orig/crypto/bn/bn_mul.c
+++ openssl-0.9.8g/crypto/bn/bn_mul.c
@@ -1025,15 +1025,15 @@
t = BN_CTX_get(ctx);
if (al > j || bl > j)
{
- bn_wexpand(t,k*4);
- bn_wexpand(rr,k*4);
+ if (bn_wexpand(t,k*4) == NULL) goto err;
+ if (bn_wexpand(rr,k*4) == NULL) goto err;
bn_mul_part_recursive(rr->d,a->d,b->d,
j,al-j,bl-j,t->d);
}
else /* al <= j || bl <= j */
{
- bn_wexpand(t,k*2);
- bn_wexpand(rr,k*2);
+ if (bn_wexpand(t,k*2) == NULL) goto err;
+ if (bn_wexpand(rr,k*2) == NULL) goto err;
bn_mul_recursive(rr->d,a->d,b->d,
j,al-j,bl-j,t->d);
}
only in patch2:
unchanged:
--- openssl-0.9.8g.orig/crypto/bn/bn_gf2m.c
+++ openssl-0.9.8g/crypto/bn/bn_gf2m.c
@@ -294,7 +294,8 @@
if (a->top < b->top) { at = b; bt = a; }
else { at = a; bt = b; }
- bn_wexpand(r, at->top);
+ if(bn_wexpand(r, at->top) == NULL)
+ return 0;
for (i = 0; i < bt->top; i++)
{
Reply to: