Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 25 Apr 2009 05:24:45 +0200
From:      Max Laier <max@love2party.net>
To:        "Philip M. Gollucci" <pgollucci@p6m7g8.com>
Cc:        svn-src-stable@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, svn-src-stable-7@freebsd.org, Colin Percival <cperciva@freebsd.org>
Subject:   Re: svn commit: r191381 - head/crypto/openssl/crypto/asn1 releng/6.3 releng/6.3/crypto/openssl/crypto/asn1 releng/6.3/lib/libc/db/btree releng/6.3/lib/libc/db/hash releng/6.3/lib/libc/db/mpool releng/6...
Message-ID:  <200904250524.46502.max@love2party.net>
In-Reply-To: <49F23AAB.6030701@p6m7g8.com>
References:  <200904221407.n3ME7EjC058272@svn.freebsd.org> <49F23AAB.6030701@p6m7g8.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Saturday 25 April 2009 00:18:19 Philip M. Gollucci wrote:
> I feel like it would better use svn to commit to head, stable/7, releng/7,
> stable/6, etc... seperately.
>
> I tried to diff -rPREV or grab a patch and it didn't help much cause it had
> all the different versions in it.
>
> Thoughts, RTFM ?

svn diff -c 191381 svn://svn.freebsd.org/base/{head,stable/{6,7}}

works like a charm.

> Colin Percival wrote:
> > Author: cperciva
> > Date: Wed Apr 22 14:07:14 2009
> > New Revision: 191381
> > URL: http://svn.freebsd.org/changeset/base/191381
> >
> > Log:
> >   Don't leak information via uninitialized space in db(3) records.
> > [09:07]
> >
> >   Sanity-check string lengths in order to stop OpenSSL crashing
> >   when printing corrupt BMPString or UniversalString objects. [09:08]
> >
> >   Security:	FreeBSD-SA-09:07.libc
> >   Security:	FreeBSD-SA-09:08.openssl
> >   Security:	CVE-2009-0590
> >   Approved by:	re (kensmith)
> >   Approved by:	so (cperciva)
> >
> > Modified:
> >   stable/7/crypto/openssl/crypto/asn1/asn1.h
> >   stable/7/crypto/openssl/crypto/asn1/asn1_err.c
> >   stable/7/crypto/openssl/crypto/asn1/tasn_dec.c
> >
> > Changes in other areas also in this revision:
> > Modified:
> >   head/crypto/openssl/crypto/asn1/asn1.h
> >   head/crypto/openssl/crypto/asn1/asn1_err.c
> >   head/crypto/openssl/crypto/asn1/tasn_dec.c
> >   releng/6.3/UPDATING
> >   releng/6.3/crypto/openssl/crypto/asn1/asn1.h
> >   releng/6.3/crypto/openssl/crypto/asn1/asn1_err.c
> >   releng/6.3/crypto/openssl/crypto/asn1/tasn_dec.c
> >   releng/6.3/lib/libc/db/btree/bt_split.c
> >   releng/6.3/lib/libc/db/hash/hash_buf.c
> >   releng/6.3/lib/libc/db/mpool/mpool.c
> >   releng/6.3/sys/conf/newvers.sh
> >   releng/6.4/UPDATING
> >   releng/6.4/crypto/openssl/crypto/asn1/asn1.h
> >   releng/6.4/crypto/openssl/crypto/asn1/asn1_err.c
> >   releng/6.4/crypto/openssl/crypto/asn1/tasn_dec.c
> >   releng/6.4/lib/libc/db/btree/bt_split.c
> >   releng/6.4/lib/libc/db/hash/hash_buf.c
> >   releng/6.4/lib/libc/db/mpool/mpool.c
> >   releng/6.4/sys/conf/newvers.sh
> >   releng/7.0/UPDATING
> >   releng/7.0/crypto/openssl/crypto/asn1/asn1.h
> >   releng/7.0/crypto/openssl/crypto/asn1/asn1_err.c
> >   releng/7.0/crypto/openssl/crypto/asn1/tasn_dec.c
> >   releng/7.0/lib/libc/db/btree/bt_split.c
> >   releng/7.0/lib/libc/db/hash/hash_buf.c
> >   releng/7.0/lib/libc/db/mpool/mpool.c
> >   releng/7.0/sys/conf/newvers.sh
> >   releng/7.1/UPDATING
> >   releng/7.1/crypto/openssl/crypto/asn1/asn1.h
> >   releng/7.1/crypto/openssl/crypto/asn1/asn1_err.c
> >   releng/7.1/crypto/openssl/crypto/asn1/tasn_dec.c
> >   releng/7.1/lib/libc/db/btree/bt_split.c
> >   releng/7.1/lib/libc/db/hash/hash_buf.c
> >   releng/7.1/lib/libc/db/mpool/mpool.c
> >   releng/7.1/sys/conf/newvers.sh
> >   releng/7.2/UPDATING
> >   releng/7.2/crypto/openssl/crypto/asn1/asn1.h
> >   releng/7.2/crypto/openssl/crypto/asn1/asn1_err.c
> >   releng/7.2/crypto/openssl/crypto/asn1/tasn_dec.c
> >   stable/6/crypto/openssl/crypto/asn1/asn1.h
> >   stable/6/crypto/openssl/crypto/asn1/asn1_err.c
> >   stable/6/crypto/openssl/crypto/asn1/tasn_dec.c
> >
> > Modified: stable/7/crypto/openssl/crypto/asn1/asn1.h
> > =========================================================================
> >===== --- stable/7/crypto/openssl/crypto/asn1/asn1.h	Wed Apr 22 13:31:52
> > 2009	(r191380) +++ stable/7/crypto/openssl/crypto/asn1/asn1.h	Wed Apr 22
> > 14:07:14 2009	(r191381) @@ -1134,6 +1134,7 @@ void
> > ERR_load_ASN1_strings(void);
> >  #define ASN1_R_BAD_OBJECT_HEADER			 102
> >  #define ASN1_R_BAD_PASSWORD_READ			 103
> >  #define ASN1_R_BAD_TAG					 104
> > +#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH		 210
> >  #define ASN1_R_BN_LIB					 105
> >  #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH			 106
> >  #define ASN1_R_BUFFER_TOO_SMALL				 107
> > @@ -1213,6 +1214,7 @@ void ERR_load_ASN1_strings(void);
> >  #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 157
> >  #define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY		 158
> >  #define ASN1_R_UNEXPECTED_EOC				 159
> > +#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH		 211
> >  #define ASN1_R_UNKNOWN_FORMAT				 160
> >  #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 161
> >  #define ASN1_R_UNKNOWN_OBJECT_TYPE			 162
> >
> > Modified: stable/7/crypto/openssl/crypto/asn1/asn1_err.c
> > =========================================================================
> >===== --- stable/7/crypto/openssl/crypto/asn1/asn1_err.c	Wed Apr 22
> > 13:31:52 2009	(r191380) +++
> > stable/7/crypto/openssl/crypto/asn1/asn1_err.c	Wed Apr 22 14:07:14
> > 2009	(r191381) @@ -188,6 +188,7 @@ static ERR_STRING_DATA
> > ASN1_str_reasons[
> >  {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER)    ,"bad object header"},
> >  {ERR_REASON(ASN1_R_BAD_PASSWORD_READ)    ,"bad password read"},
> >  {ERR_REASON(ASN1_R_BAD_TAG)              ,"bad tag"},
> > +{ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),"bmpstring is wrong
> > length"}, {ERR_REASON(ASN1_R_BN_LIB)               ,"bn lib"},
> >  {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH),"boolean is wrong length"},
> >  {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL)     ,"buffer too small"},
> > @@ -267,6 +268,7 @@ static ERR_STRING_DATA ASN1_str_reasons[
> >  {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa
> > key"}, {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),"unable to
> > decode rsa private key"}, {ERR_REASON(ASN1_R_UNEXPECTED_EOC)      
> > ,"unexpected eoc"},
> > +{ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),"universalstring is
> > wrong length"}, {ERR_REASON(ASN1_R_UNKNOWN_FORMAT)       ,"unknown
> > format"},
> >  {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message
> > digest algorithm"}, {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE)  ,"unknown
> > object type"},
> >
> > Modified: stable/7/crypto/openssl/crypto/asn1/tasn_dec.c
> > =========================================================================
> >===== --- stable/7/crypto/openssl/crypto/asn1/tasn_dec.c	Wed Apr 22
> > 13:31:52 2009	(r191380) +++
> > stable/7/crypto/openssl/crypto/asn1/tasn_dec.c	Wed Apr 22 14:07:14
> > 2009	(r191381) @@ -1012,6 +1012,18 @@ int asn1_ex_c2i(ASN1_VALUE **pval,
> > const
> >  		case V_ASN1_SET:
> >  		case V_ASN1_SEQUENCE:
> >  		default:
> > +		if (utype == V_ASN1_BMPSTRING && (len & 1))
> > +			{
> > +			ASN1err(ASN1_F_ASN1_EX_C2I,
> > +					ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
> > +			goto err;
> > +			}
> > +		if (utype == V_ASN1_UNIVERSALSTRING && (len & 3))
> > +			{
> > +			ASN1err(ASN1_F_ASN1_EX_C2I,
> > +					ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
> > +			goto err;
> > +			}
> >  		/* All based on ASN1_STRING and handled the same */
> >  		if (!*pval)
> >  			{
> > _______________________________________________
> > svn-src-all@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/svn-src-all
> > To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"

-- 
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904250524.46502.max>