Diffstat (limited to 'recipes-connectivity/openssl/openssl/CVE-2017-3735.patch')
-rw-r--r-- | recipes-connectivity/openssl/openssl/CVE-2017-3735.patch | 43 |
1 files changed, 43 insertions, 0 deletions
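diff --git a/recipes-connectivity/openssl/openssl/CVE-2017-3735.patch b/recipes-connectivity/openssl/openssl/CVE-2017-3735.patch
new file mode 100644
index 0000000..b0f8189
--- /dev/null
+++ b/recipes-connectivity/openssl/openssl/CVE-2017-3735.patch
@@ -0,0 +1,43 @@
+From 31c8b265591a0aaa462a1f3eb5770661aaac67db Mon Sep 17 00:00:00 2001
+From: Rich Salz <rsalz@openssl.org>
+Date: Tue, 22 Aug 2017 11:44:41 -0400
+Subject: [PATCH] Avoid out-of-bounds read
+
+Fixes CVE-2017-3735
+
+CVE: CVE-2017-3735
+Upstream-Status: Backport
+
+Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
+(Merged from https://github.com/openssl/openssl/pull/4276)
+
+(cherry picked from commit b23171744b01e473ebbfd6edad70c1c3825ffbcd)
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+crypto/x509v3/v3_addr.c | 10 ++++++----
+1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
+index 1290dec..af080a0 100644
+--- a/crypto/x509v3/v3_addr.c
++++ b/crypto/x509v3/v3_addr.c
+@@ -130,10 +130,12 @@ static int length_from_afi(const unsigned afi)
+*/
+unsigned int v3_addr_get_afi(const IPAddressFamily *f)
+{
+- return ((f != NULL &&
+- f->addressFamily != NULL && f->addressFamily->data != NULL)
+- ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
+- : 0);
++ if (f == NULL
++ || f->addressFamily == NULL
++ || f->addressFamily->data == NULL
++ || f->addressFamily->length < 2)
++ return 0;
++ return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
+}
+
+/*
+--
+1.9.1
+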
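Review bot: Nothing in this view shows the new patch being applied, because the diffstat is limited to CVE-2017-3735.patch itself. The path looks like an OpenEmbedded layer, so please confirm the openssl recipe or bbappend lists the file in `SRC_URI`; if it is not listed, the out-of-bounds read in `v3_addr_get_afi` stays unfixed in the built package. Inside the patch, the added `f->addressFamily->length < 2` guard covers both bytes read on the return line. The comment that closes just above the function begins outside the hunk, and it would be worth extending it to say that 0 is returned when `addressFamily` is NULL or shorter than two bytes.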