1 files changed, 118 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.1e/CVE-2014-0160.patch b/meta/recipes-connectivity/openssl/openssl-1.0.1e/CVE-2014-0160.patch
new file mode 100644
index 0000000000..c06cd64fc6
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl-1.0.1e/CVE-2014-0160.patch
@@ -0,0 +1,118 @@
+From 96db9023b881d7cd9f379b0c154650d6c108e9a3 Mon Sep 17 00:00:00 2001
+From: "Dr. Stephen Henson" <steve@openssl.org>
+Date: Sun, 6 Apr 2014 00:51:06 +0100
+Subject: [PATCH] Add heartbeat extension bounds check.
+A missing bounds check in the handling of the TLS heartbeat extension
+can be used to reveal up to 64k of memory to a connected client or
+server.
+Thanks for Neel Mehta of Google Security for discovering this bug and to
+Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
+preparing the fix (CVE-2014-0160)
+Patch (tweaked version of upstream fix without CHANGES change) borrowed
+from Debian.
+Upstream-Status: Backport
+Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
+---
+ ssl/d1_both.c | 26 ++++++++++++++++++--------
+ ssl/t1_lib.c  | 14 +++++++++-----
+ 3 files changed, 36 insertions(+), 13 deletions(-)
+diff --git a/ssl/d1_both.c b/ssl/d1_both.c
+index 7a5596a..2e8cf68 100644
+--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
+@@ -1459,26 +1459,36 @@ dtls1_process_heartbeat(SSL *s)
+        unsigned int payload;
+        unsigned int padding = 16; /* Use minimum padding */
+ 
+-       /* Read type and payload length first */
+-       hbtype = *p++;
+-       n2s(p, payload);
+-       pl = p;
+-
+        if (s->msg_callback)
+                s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+                        &s->s3->rrec.data[0], s->s3->rrec.length,
+                        s, s->msg_callback_arg);
+ 
+       /* Read type and payload length first */
+       if (1 + 2 + 16 > s->s3->rrec.length)
+               return 0; /* silently discard */
+       hbtype = *p++;
+       n2s(p, payload);
+       if (1 + 2 + payload + 16 > s->s3->rrec.length)
+               return 0; /* silently discard per RFC 6520 sec. 4 */
+       pl = p;
+
+        if (hbtype == TLS1_HB_REQUEST)
+                {
+                unsigned char *buffer, *bp;
+               unsigned int write_length = 1 /* heartbeat type */ +
+                                           2 /* heartbeat length */ +
+                                           payload + padding;
+                int r;
+ 
+               if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
+                       return 0;
+
+                /* Allocate memory for the response, size is 1 byte
+                 * message type, plus 2 bytes payload length, plus
+                 * payload, plus padding
+                 */
+-               buffer = OPENSSL_malloc(1 + 2 + payload + padding);
+               buffer = OPENSSL_malloc(write_length);
+                bp = buffer;
+ 
+                /* Enter response type, length and copy payload */
+@@ -1489,11 +1499,11 @@ dtls1_process_heartbeat(SSL *s)
+                /* Random padding */
+                RAND_pseudo_bytes(bp, padding);
+ 
+-               r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
+               r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
+ 
+                if (r >= 0 && s->msg_callback)
+                        s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+-                               buffer, 3 + payload + padding,
+                               buffer, write_length,
+                                s, s->msg_callback_arg);
+ 
+                OPENSSL_free(buffer);
+diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
+index b82fada..bddffd9 100644
+--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
+@@ -2588,16 +2588,20 @@ tls1_process_heartbeat(SSL *s)
+        unsigned int payload;
+        unsigned int padding = 16; /* Use minimum padding */
+ 
+-       /* Read type and payload length first */
+-       hbtype = *p++;
+-       n2s(p, payload);
+-       pl = p;
+-
+        if (s->msg_callback)
+                s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+                        &s->s3->rrec.data[0], s->s3->rrec.length,
+                        s, s->msg_callback_arg);
+ 
+       /* Read type and payload length first */
+       if (1 + 2 + 16 > s->s3->rrec.length)
+               return 0; /* silently discard */
+       hbtype = *p++;
+       n2s(p, payload);
+       if (1 + 2 + payload + 16 > s->s3->rrec.length)
+               return 0; /* silently discard per RFC 6520 sec. 4 */
+       pl = p;
+
+        if (hbtype == TLS1_HB_REQUEST)
+                {
+                unsigned char *buffer, *bp;
+-- 
+1.9.1

diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.1e/CVE-2014-0160.patch b/meta/recipes-connectivity/openssl/openssl-1.0.1e/CVE-2014-0160.patch new file mode 100644 index 0000000000..c06cd64fc6 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl-1.0.1e/CVE-2014-0160.patch
@@ -0,0 +1,118 @@
	1	From 96db9023b881d7cd9f379b0c154650d6c108e9a3 Mon Sep 17 00:00:00 2001
	2	From: "Dr. Stephen Henson" <steve@openssl.org>
	3	Date: Sun, 6 Apr 2014 00:51:06 +0100
	4	Subject: [PATCH] Add heartbeat extension bounds check.
	5
	6	A missing bounds check in the handling of the TLS heartbeat extension
	7	can be used to reveal up to 64k of memory to a connected client or
	8	server.
	9
	10	Thanks for Neel Mehta of Google Security for discovering this bug and to
	11	Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
	12	preparing the fix (CVE-2014-0160)
	13
	14	Patch (tweaked version of upstream fix without CHANGES change) borrowed
	15	from Debian.
	16
	17	Upstream-Status: Backport
	18	Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
	19
	20	---
	21	ssl/d1_both.c \| 26 ++++++++++++++++++--------
	22	ssl/t1_lib.c \| 14 +++++++++-----
	23	3 files changed, 36 insertions(+), 13 deletions(-)
	24
	25	diff --git a/ssl/d1_both.c b/ssl/d1_both.c
	26	index 7a5596a..2e8cf68 100644
	27	--- a/ssl/d1_both.c
	28	+++ b/ssl/d1_both.c
	29	@@ -1459,26 +1459,36 @@ dtls1_process_heartbeat(SSL *s)
	30	unsigned int payload;
	31	unsigned int padding = 16; /* Use minimum padding */
	32
	33	- /* Read type and payload length first */
	34	- hbtype = *p++;
	35	- n2s(p, payload);
	36	- pl = p;
	37	-
	38	if (s->msg_callback)
	39	s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
	40	&s->s3->rrec.data[0], s->s3->rrec.length,
	41	s, s->msg_callback_arg);
	42
	43	+ /* Read type and payload length first */
	44	+ if (1 + 2 + 16 > s->s3->rrec.length)
	45	+ return 0; /* silently discard */
	46	+ hbtype = *p++;
	47	+ n2s(p, payload);
	48	+ if (1 + 2 + payload + 16 > s->s3->rrec.length)
	49	+ return 0; /* silently discard per RFC 6520 sec. 4 */
	50	+ pl = p;
	51	+
	52	if (hbtype == TLS1_HB_REQUEST)
	53	{
	54	unsigned char buffer, bp;
	55	+ unsigned int write_length = 1 /* heartbeat type */ +
	56	+ 2 /* heartbeat length */ +
	57	+ payload + padding;
	58	int r;
	59
	60	+ if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
	61	+ return 0;
	62	+
	63	/* Allocate memory for the response, size is 1 byte
	64	* message type, plus 2 bytes payload length, plus
	65	* payload, plus padding
	66	*/
	67	- buffer = OPENSSL_malloc(1 + 2 + payload + padding);
	68	+ buffer = OPENSSL_malloc(write_length);
	69	bp = buffer;
	70
	71	/* Enter response type, length and copy payload */
	72	@@ -1489,11 +1499,11 @@ dtls1_process_heartbeat(SSL *s)
	73	/* Random padding */
	74	RAND_pseudo_bytes(bp, padding);
	75
	76	- r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
	77	+ r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
	78
	79	if (r >= 0 && s->msg_callback)
	80	s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
	81	- buffer, 3 + payload + padding,
	82	+ buffer, write_length,
	83	s, s->msg_callback_arg);
	84
	85	OPENSSL_free(buffer);
	86	diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
	87	index b82fada..bddffd9 100644
	88	--- a/ssl/t1_lib.c
	89	+++ b/ssl/t1_lib.c
	90	@@ -2588,16 +2588,20 @@ tls1_process_heartbeat(SSL *s)
	91	unsigned int payload;
	92	unsigned int padding = 16; /* Use minimum padding */
	93
	94	- /* Read type and payload length first */
	95	- hbtype = *p++;
	96	- n2s(p, payload);
	97	- pl = p;
	98	-
	99	if (s->msg_callback)
	100	s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
	101	&s->s3->rrec.data[0], s->s3->rrec.length,
	102	s, s->msg_callback_arg);
	103
	104	+ /* Read type and payload length first */
	105	+ if (1 + 2 + 16 > s->s3->rrec.length)
	106	+ return 0; /* silently discard */
	107	+ hbtype = *p++;
	108	+ n2s(p, payload);
	109	+ if (1 + 2 + payload + 16 > s->s3->rrec.length)
	110	+ return 0; /* silently discard per RFC 6520 sec. 4 */
	111	+ pl = p;
	112	+
	113	if (hbtype == TLS1_HB_REQUEST)
	114	{
	115	unsigned char buffer, bp;
	116	--
	117	1.9.1
	118