/[smecontribs]/rpms/openssl3/contribs10/0107-CVE-2023-0286-X400.patch
ViewVC logotype

Annotation of /rpms/openssl3/contribs10/0107-CVE-2023-0286-X400.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Wed Jan 31 17:24:52 2024 UTC (8 months, 2 weeks ago) by jpp
Branch: MAIN
CVS Tags: openssl3-3_0_7-5_el7_sme_1, HEAD
Initial import

1 jpp 1.1 From 2f7530077e0ef79d98718138716bc51ca0cad658 Mon Sep 17 00:00:00 2001
2     From: Hugo Landau <hlandau@openssl.org>
3     Date: Tue, 17 Jan 2023 17:45:42 +0000
4     Subject: [PATCH 14/18] CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address
5     (3.0)
6    
7     Reviewed-by: Paul Dale <pauli@openssl.org>
8     Reviewed-by: Tomas Mraz <tomas@openssl.org>
9     ---
10     CHANGES.md | 19 +++++++++++++++++++
11     crypto/x509/v3_genn.c | 2 +-
12     include/openssl/x509v3.h.in | 2 +-
13     test/v3nametest.c | 8 ++++++++
14     4 files changed, 29 insertions(+), 2 deletions(-)
15    
16     diff --git a/crypto/x509/v3_genn.c b/crypto/x509/v3_genn.c
17     index c0a7166cd0..1741c2d2f6 100644
18     --- a/crypto/x509/v3_genn.c
19     +++ b/crypto/x509/v3_genn.c
20     @@ -98,7 +98,7 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
21     return -1;
22     switch (a->type) {
23     case GEN_X400:
24     - result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
25     + result = ASN1_STRING_cmp(a->d.x400Address, b->d.x400Address);
26     break;
27    
28     case GEN_EDIPARTY:
29     diff --git a/include/openssl/x509v3.h.in b/include/openssl/x509v3.h.in
30     index d00a66a343..c087e3cf92 100644
31     --- a/include/openssl/x509v3.h.in
32     +++ b/include/openssl/x509v3.h.in
33     @@ -154,7 +154,7 @@ typedef struct GENERAL_NAME_st {
34     OTHERNAME *otherName; /* otherName */
35     ASN1_IA5STRING *rfc822Name;
36     ASN1_IA5STRING *dNSName;
37     - ASN1_TYPE *x400Address;
38     + ASN1_STRING *x400Address;
39     X509_NAME *directoryName;
40     EDIPARTYNAME *ediPartyName;
41     ASN1_IA5STRING *uniformResourceIdentifier;
42     diff --git a/test/v3nametest.c b/test/v3nametest.c
43     index 6d2e2f8e27..0341995dde 100644
44     --- a/test/v3nametest.c
45     +++ b/test/v3nametest.c
46     @@ -644,6 +644,14 @@ static struct gennamedata {
47     0xb7, 0x09, 0x02, 0x02
48     },
49     15
50     + }, {
51     + /*
52     + * Regression test for CVE-2023-0286.
53     + */
54     + {
55     + 0xa3, 0x00
56     + },
57     + 2
58     }
59     };
60    
61     --
62     2.39.1
63    

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed