diff options
author | Armin Kuster <akuster@mvista.com> | 2016-07-16 16:04:11 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-07-20 10:28:51 +0100 |
commit | 03f6074ad4027e87abac34c189069d26e5d6a86b (patch) | |
tree | 8683c91ce9de6dbdf13172539d2a720b851005c9 | |
parent | 61577c5e4c2f6c0ec0756af04f1cfb2bc7f76e3c (diff) | |
download | poky-03f6074ad4027e87abac34c189069d26e5d6a86b.tar.gz |
openssl: Security fix CVE-2016-2177
Affects openssl <= 1.0.2h
CVSS v2 Base Score: 7.5 HIGH
(From OE-Core rev: 2848c7d3e454cbc84cba9183f23ccdf3e9200ec9)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/CVE-2016-2177.patch | 286 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl_1.0.2h.bb | 1 |
2 files changed, 287 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2016-2177.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2016-2177.patch new file mode 100644 index 0000000000..df36d5fb37 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2016-2177.patch | |||
@@ -0,0 +1,286 @@ | |||
1 | From a004e72b95835136d3f1ea90517f706c24c03da7 Mon Sep 17 00:00:00 2001 | ||
2 | From: Matt Caswell <matt@openssl.org> | ||
3 | Date: Thu, 5 May 2016 11:10:26 +0100 | ||
4 | Subject: [PATCH] Avoid some undefined pointer arithmetic | ||
5 | |||
6 | A common idiom in the codebase is: | ||
7 | |||
8 | if (p + len > limit) | ||
9 | { | ||
10 | return; /* Too long */ | ||
11 | } | ||
12 | |||
13 | Where "p" points to some malloc'd data of SIZE bytes and | ||
14 | limit == p + SIZE | ||
15 | |||
16 | "len" here could be from some externally supplied data (e.g. from a TLS | ||
17 | message). | ||
18 | |||
19 | The rules of C pointer arithmetic are such that "p + len" is only well | ||
20 | defined where len <= SIZE. Therefore the above idiom is actually | ||
21 | undefined behaviour. | ||
22 | |||
23 | For example this could cause problems if some malloc implementation | ||
24 | provides an address for "p" such that "p + len" actually overflows for | ||
25 | values of len that are too big and therefore p + len < limit! | ||
26 | |||
27 | Issue reported by Guido Vranken. | ||
28 | |||
29 | CVE-2016-2177 | ||
30 | |||
31 | Reviewed-by: Rich Salz <rsalz@openssl.org> | ||
32 | |||
33 | Upstream-Status: Backport | ||
34 | CVE: CVE-2016-2177 | ||
35 | |||
36 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
37 | |||
38 | |||
39 | --- | ||
40 | ssl/s3_srvr.c | 14 +++++++------- | ||
41 | ssl/ssl_sess.c | 2 +- | ||
42 | ssl/t1_lib.c | 56 ++++++++++++++++++++++++++++++-------------------------- | ||
43 | 3 files changed, 38 insertions(+), 34 deletions(-) | ||
44 | |||
45 | diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c | ||
46 | index ab28702..ab7f690 100644 | ||
47 | --- a/ssl/s3_srvr.c | ||
48 | +++ b/ssl/s3_srvr.c | ||
49 | @@ -980,7 +980,7 @@ int ssl3_get_client_hello(SSL *s) | ||
50 | |||
51 | session_length = *(p + SSL3_RANDOM_SIZE); | ||
52 | |||
53 | - if (p + SSL3_RANDOM_SIZE + session_length + 1 >= d + n) { | ||
54 | + if (SSL3_RANDOM_SIZE + session_length + 1 >= (d + n) - p) { | ||
55 | al = SSL_AD_DECODE_ERROR; | ||
56 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); | ||
57 | goto f_err; | ||
58 | @@ -998,7 +998,7 @@ int ssl3_get_client_hello(SSL *s) | ||
59 | /* get the session-id */ | ||
60 | j = *(p++); | ||
61 | |||
62 | - if (p + j > d + n) { | ||
63 | + if ((d + n) - p < j) { | ||
64 | al = SSL_AD_DECODE_ERROR; | ||
65 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); | ||
66 | goto f_err; | ||
67 | @@ -1054,14 +1054,14 @@ int ssl3_get_client_hello(SSL *s) | ||
68 | |||
69 | if (SSL_IS_DTLS(s)) { | ||
70 | /* cookie stuff */ | ||
71 | - if (p + 1 > d + n) { | ||
72 | + if ((d + n) - p < 1) { | ||
73 | al = SSL_AD_DECODE_ERROR; | ||
74 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); | ||
75 | goto f_err; | ||
76 | } | ||
77 | cookie_len = *(p++); | ||
78 | |||
79 | - if (p + cookie_len > d + n) { | ||
80 | + if ((d + n ) - p < cookie_len) { | ||
81 | al = SSL_AD_DECODE_ERROR; | ||
82 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); | ||
83 | goto f_err; | ||
84 | @@ -1131,7 +1131,7 @@ int ssl3_get_client_hello(SSL *s) | ||
85 | } | ||
86 | } | ||
87 | |||
88 | - if (p + 2 > d + n) { | ||
89 | + if ((d + n ) - p < 2) { | ||
90 | al = SSL_AD_DECODE_ERROR; | ||
91 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); | ||
92 | goto f_err; | ||
93 | @@ -1145,7 +1145,7 @@ int ssl3_get_client_hello(SSL *s) | ||
94 | } | ||
95 | |||
96 | /* i bytes of cipher data + 1 byte for compression length later */ | ||
97 | - if ((p + i + 1) > (d + n)) { | ||
98 | + if ((d + n) - p < i + 1) { | ||
99 | /* not enough data */ | ||
100 | al = SSL_AD_DECODE_ERROR; | ||
101 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); | ||
102 | @@ -1211,7 +1211,7 @@ int ssl3_get_client_hello(SSL *s) | ||
103 | |||
104 | /* compression */ | ||
105 | i = *(p++); | ||
106 | - if ((p + i) > (d + n)) { | ||
107 | + if ((d + n) - p < i) { | ||
108 | /* not enough data */ | ||
109 | al = SSL_AD_DECODE_ERROR; | ||
110 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); | ||
111 | diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c | ||
112 | index b182998..54ee783 100644 | ||
113 | --- a/ssl/ssl_sess.c | ||
114 | +++ b/ssl/ssl_sess.c | ||
115 | @@ -573,7 +573,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, | ||
116 | int r; | ||
117 | #endif | ||
118 | |||
119 | - if (session_id + len > limit) { | ||
120 | + if (limit - session_id < len) { | ||
121 | fatal = 1; | ||
122 | goto err; | ||
123 | } | ||
124 | diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c | ||
125 | index fb64607..cdac011 100644 | ||
126 | --- a/ssl/t1_lib.c | ||
127 | +++ b/ssl/t1_lib.c | ||
128 | @@ -1867,11 +1867,11 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, | ||
129 | 0x02, 0x03, /* SHA-1/ECDSA */ | ||
130 | }; | ||
131 | |||
132 | - if (data >= (limit - 2)) | ||
133 | + if (limit - data <= 2) | ||
134 | return; | ||
135 | data += 2; | ||
136 | |||
137 | - if (data > (limit - 4)) | ||
138 | + if (limit - data < 4) | ||
139 | return; | ||
140 | n2s(data, type); | ||
141 | n2s(data, size); | ||
142 | @@ -1879,7 +1879,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, | ||
143 | if (type != TLSEXT_TYPE_server_name) | ||
144 | return; | ||
145 | |||
146 | - if (data + size > limit) | ||
147 | + if (limit - data < size) | ||
148 | return; | ||
149 | data += size; | ||
150 | |||
151 | @@ -1887,7 +1887,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, | ||
152 | const size_t len1 = sizeof(kSafariExtensionsBlock); | ||
153 | const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock); | ||
154 | |||
155 | - if (data + len1 + len2 != limit) | ||
156 | + if (limit - data != (int)(len1 + len2)) | ||
157 | return; | ||
158 | if (memcmp(data, kSafariExtensionsBlock, len1) != 0) | ||
159 | return; | ||
160 | @@ -1896,7 +1896,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, | ||
161 | } else { | ||
162 | const size_t len = sizeof(kSafariExtensionsBlock); | ||
163 | |||
164 | - if (data + len != limit) | ||
165 | + if (limit - data != (int)(len)) | ||
166 | return; | ||
167 | if (memcmp(data, kSafariExtensionsBlock, len) != 0) | ||
168 | return; | ||
169 | @@ -2053,19 +2053,19 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, | ||
170 | if (data == limit) | ||
171 | goto ri_check; | ||
172 | |||
173 | - if (data > (limit - 2)) | ||
174 | + if (limit - data < 2) | ||
175 | goto err; | ||
176 | |||
177 | n2s(data, len); | ||
178 | |||
179 | - if (data + len != limit) | ||
180 | + if (limit - data != len) | ||
181 | goto err; | ||
182 | |||
183 | - while (data <= (limit - 4)) { | ||
184 | + while (limit - data >= 4) { | ||
185 | n2s(data, type); | ||
186 | n2s(data, size); | ||
187 | |||
188 | - if (data + size > (limit)) | ||
189 | + if (limit - data < size) | ||
190 | goto err; | ||
191 | # if 0 | ||
192 | fprintf(stderr, "Received extension type %d size %d\n", type, size); | ||
193 | @@ -2472,18 +2472,18 @@ static int ssl_scan_clienthello_custom_tlsext(SSL *s, | ||
194 | if (s->hit || s->cert->srv_ext.meths_count == 0) | ||
195 | return 1; | ||
196 | |||
197 | - if (data >= limit - 2) | ||
198 | + if (limit - data <= 2) | ||
199 | return 1; | ||
200 | n2s(data, len); | ||
201 | |||
202 | - if (data > limit - len) | ||
203 | + if (limit - data < len) | ||
204 | return 1; | ||
205 | |||
206 | - while (data <= limit - 4) { | ||
207 | + while (limit - data >= 4) { | ||
208 | n2s(data, type); | ||
209 | n2s(data, size); | ||
210 | |||
211 | - if (data + size > limit) | ||
212 | + if (limit - data < size) | ||
213 | return 1; | ||
214 | if (custom_ext_parse(s, 1 /* server */ , type, data, size, al) <= 0) | ||
215 | return 0; | ||
216 | @@ -2569,20 +2569,20 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, | ||
217 | SSL_TLSEXT_HB_DONT_SEND_REQUESTS); | ||
218 | # endif | ||
219 | |||
220 | - if (data >= (d + n - 2)) | ||
221 | + if ((d + n) - data <= 2) | ||
222 | goto ri_check; | ||
223 | |||
224 | n2s(data, length); | ||
225 | - if (data + length != d + n) { | ||
226 | + if ((d + n) - data != length) { | ||
227 | *al = SSL_AD_DECODE_ERROR; | ||
228 | return 0; | ||
229 | } | ||
230 | |||
231 | - while (data <= (d + n - 4)) { | ||
232 | + while ((d + n) - data >= 4) { | ||
233 | n2s(data, type); | ||
234 | n2s(data, size); | ||
235 | |||
236 | - if (data + size > (d + n)) | ||
237 | + if ((d + n) - data < size) | ||
238 | goto ri_check; | ||
239 | |||
240 | if (s->tlsext_debug_cb) | ||
241 | @@ -3307,29 +3307,33 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, | ||
242 | /* Skip past DTLS cookie */ | ||
243 | if (SSL_IS_DTLS(s)) { | ||
244 | i = *(p++); | ||
245 | - p += i; | ||
246 | - if (p >= limit) | ||
247 | + | ||
248 | + if (limit - p <= i) | ||
249 | return -1; | ||
250 | + | ||
251 | + p += i; | ||
252 | } | ||
253 | /* Skip past cipher list */ | ||
254 | n2s(p, i); | ||
255 | - p += i; | ||
256 | - if (p >= limit) | ||
257 | + if (limit - p <= i) | ||
258 | return -1; | ||
259 | + p += i; | ||
260 | + | ||
261 | /* Skip past compression algorithm list */ | ||
262 | i = *(p++); | ||
263 | - p += i; | ||
264 | - if (p > limit) | ||
265 | + if (limit - p < i) | ||
266 | return -1; | ||
267 | + p += i; | ||
268 | + | ||
269 | /* Now at start of extensions */ | ||
270 | - if ((p + 2) >= limit) | ||
271 | + if (limit - p <= 2) | ||
272 | return 0; | ||
273 | n2s(p, i); | ||
274 | - while ((p + 4) <= limit) { | ||
275 | + while (limit - p >= 4) { | ||
276 | unsigned short type, size; | ||
277 | n2s(p, type); | ||
278 | n2s(p, size); | ||
279 | - if (p + size > limit) | ||
280 | + if (limit - p < size) | ||
281 | return 0; | ||
282 | if (type == TLSEXT_TYPE_session_ticket) { | ||
283 | int r; | ||
284 | -- | ||
285 | 2.3.5 | ||
286 | |||
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb index 699fe62bbf..e7d1106d27 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb | |||
@@ -39,6 +39,7 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \ | |||
39 | file://ptest_makefile_deps.patch \ | 39 | file://ptest_makefile_deps.patch \ |
40 | file://configure-musl-target.patch \ | 40 | file://configure-musl-target.patch \ |
41 | file://parallel.patch \ | 41 | file://parallel.patch \ |
42 | file://CVE-2016-2177.patch \ | ||
42 | " | 43 | " |
43 | SRC_URI[md5sum] = "9392e65072ce4b614c1392eefc1f23d0" | 44 | SRC_URI[md5sum] = "9392e65072ce4b614c1392eefc1f23d0" |
44 | SRC_URI[sha256sum] = "1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919" | 45 | SRC_URI[sha256sum] = "1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919" |