Date:      Mon, 26 Sep 2016 08:21:29 +0000 (UTC)
From:      Xin LI <delphij@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org
Subject:   svn commit: r306336 - in releng: 10.1 10.1/crypto/openssl/crypto/bn 10.1/sys/conf 10.2 10.2/crypto/openssl/crypto/bn 10.2/sys/conf 10.3 10.3/crypto/openssl/crypto/bn 10.3/sys/conf 9.3 9.3/crypto/op...
Message-ID:  <201609260821.u8Q8LTSG060862@repo.freebsd.org>

Author: delphij
Date: Mon Sep 26 08:21:29 2016
New Revision: 306336
URL: https://svnweb.freebsd.org/changeset/base/306336

Log:
  Apply upstream revision 3612ff6fcec0e3d1f2a598135fe12177c0419582:
  
  Fix overflow check in BN_bn2dec()
  Fix an off by one error in the overflow check added by 07bed46
  ("Check for errors in BN_bn2dec()").
  
  This fixes a regression introduced in SA-16:26.openssl.
  
  Submitted by:	jkim
  PR:		212921
  Approved by:	so

Modified:
  releng/10.1/UPDATING
  releng/10.1/crypto/openssl/crypto/bn/bn_print.c
  releng/10.1/sys/conf/newvers.sh
  releng/10.2/UPDATING
  releng/10.2/crypto/openssl/crypto/bn/bn_print.c
  releng/10.2/sys/conf/newvers.sh
  releng/10.3/UPDATING
  releng/10.3/crypto/openssl/crypto/bn/bn_print.c
  releng/10.3/sys/conf/newvers.sh
  releng/9.3/UPDATING
  releng/9.3/crypto/openssl/crypto/bn/bn_print.c
  releng/9.3/sys/conf/newvers.sh

Modified: releng/10.1/UPDATING
==============================================================================
--- releng/10.1/UPDATING	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/10.1/UPDATING	Mon Sep 26 08:21:29 2016	(r306336)
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITH
 stable/10, and then rebuild without this option. The bootstrap process from
 older version of current is a bit fragile.
 
+20160926	p29	FreeBSD-SA-16:26.openssl [revised]
+
+	Fix OpenSSL regression introduced in SA-16:26.
+
 20160923	p38	FreeBSD-SA-16:26.openssl
 
 	Fix multiple OpenSSL vulnerabilitites.
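
Review bot: the added entry is labelled `p29`, but the entry directly below it is `p38` and this commit's newvers.sh change for releng/10.1 sets BRANCH to `RELEASE-p39`, so the patch level on the new UPDATING line looks like a typo for `p39`. Suggest correcting it so the UPDATING history matches the BRANCH value.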

Modified: releng/10.1/crypto/openssl/crypto/bn/bn_print.c
==============================================================================
--- releng/10.1/crypto/openssl/crypto/bn/bn_print.c	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/10.1/crypto/openssl/crypto/bn/bn_print.c	Mon Sep 26 08:21:29 2016	(r306336)
@@ -141,14 +141,13 @@ char *BN_bn2dec(const BIGNUM *a)
         if (BN_is_negative(t))
             *p++ = '-';
 
-        i = 0;
         while (!BN_is_zero(t)) {
+            if (lp - bn_data >= bn_data_num)
+                goto err;
             *lp = BN_div_word(t, BN_DEC_CONV);
             if (*lp == (BN_ULONG)-1)
                 goto err;
             lp++;
-            if (lp - bn_data >= bn_data_num)
-                goto err;
         }
         lp--;
         /*
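
Review bot: the capacity check now sits ahead of the store `*lp = BN_div_word(t, BN_DEC_CONV);`, but nothing in the loop says why it has to be there. With the old placement after `lp++`, a conversion whose last chunk landed in the final slot of bn_data hit `goto err` even though the loop was about to exit, which is the off-by-one the log describes. A one-line comment above the new check, stating that it guards the following write and that the comparison treats bn_data_num as the number of slots in bn_data, would keep a later cleanup from moving it back below the increment.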

Modified: releng/10.1/sys/conf/newvers.sh
==============================================================================
--- releng/10.1/sys/conf/newvers.sh	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/10.1/sys/conf/newvers.sh	Mon Sep 26 08:21:29 2016	(r306336)
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="10.1"
-BRANCH="RELEASE-p38"
+BRANCH="RELEASE-p39"
 if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

Modified: releng/10.2/UPDATING
==============================================================================
--- releng/10.2/UPDATING	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/10.2/UPDATING	Mon Sep 26 08:21:29 2016	(r306336)
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITH
 stable/10, and then rebuild without this option. The bootstrap process from
 older version of current is a bit fragile.
 
+20160926	p22	FreeBSD-SA-16:26.openssl [revised]
+
+	Fix OpenSSL regression introduced in SA-16:26.
+
 20160923	p21	FreeBSD-SA-16:26.openssl
 
 	Fix multiple OpenSSL vulnerabilitites.
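
Review bot: the new entry text `Fix OpenSSL regression introduced in SA-16:26.` does not say what regressed. Naming BN_bn2dec() or the PR from the log (212921) in the entry would let an administrator reading UPDATING judge whether they were affected without looking up the commit.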

Modified: releng/10.2/crypto/openssl/crypto/bn/bn_print.c
==============================================================================
--- releng/10.2/crypto/openssl/crypto/bn/bn_print.c	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/10.2/crypto/openssl/crypto/bn/bn_print.c	Mon Sep 26 08:21:29 2016	(r306336)
@@ -141,14 +141,13 @@ char *BN_bn2dec(const BIGNUM *a)
         if (BN_is_negative(t))
             *p++ = '-';
 
-        i = 0;
         while (!BN_is_zero(t)) {
+            if (lp - bn_data >= bn_data_num)
+                goto err;
             *lp = BN_div_word(t, BN_DEC_CONV);
             if (*lp == (BN_ULONG)-1)
                 goto err;
             lp++;
-            if (lp - bn_data >= bn_data_num)
-                goto err;
         }
         lp--;
         /*
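
Review bot: the dropped `i = 0;` above the loop is not covered by the log, which only describes the overflow check. The hunk shows no remaining use of `i` inside the loop, but the rest of the function is not visible here, so please confirm nothing after the loop reads `i` expecting zero, and mention the removal in the log if it is dead-code cleanup carried over from the upstream revision.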

Modified: releng/10.2/sys/conf/newvers.sh
==============================================================================
--- releng/10.2/sys/conf/newvers.sh	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/10.2/sys/conf/newvers.sh	Mon Sep 26 08:21:29 2016	(r306336)
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="10.2"
-BRANCH="RELEASE-p21"
+BRANCH="RELEASE-p22"
 if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

Modified: releng/10.3/UPDATING
==============================================================================
--- releng/10.3/UPDATING	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/10.3/UPDATING	Mon Sep 26 08:21:29 2016	(r306336)
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITH
 stable/10, and then rebuild without this option. The bootstrap process from
 older version of current is a bit fragile.
 
+20160926	p9	FreeBSD-SA-16:26.openssl [revised]
+
+	Fix OpenSSL regression introduced in SA-16:26.
+
 20160923	p8	FreeBSD-SA-16:26.openssl
 
 	Fix multiple OpenSSL vulnerabilitites.

Modified: releng/10.3/crypto/openssl/crypto/bn/bn_print.c
==============================================================================
--- releng/10.3/crypto/openssl/crypto/bn/bn_print.c	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/10.3/crypto/openssl/crypto/bn/bn_print.c	Mon Sep 26 08:21:29 2016	(r306336)
@@ -141,14 +141,13 @@ char *BN_bn2dec(const BIGNUM *a)
         if (BN_is_negative(t))
             *p++ = '-';
 
-        i = 0;
         while (!BN_is_zero(t)) {
+            if (lp - bn_data >= bn_data_num)
+                goto err;
             *lp = BN_div_word(t, BN_DEC_CONV);
             if (*lp == (BN_ULONG)-1)
                 goto err;
             lp++;
-            if (lp - bn_data >= bn_data_num)
-                goto err;
         }
         lp--;
         /*
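
Review bot: no test accompanies the moved check at the top of the `while` loop. The earlier fix regressed exactly at the boundary where `lp - bn_data` reaches `bn_data_num` after the final `lp++`, so a regression test that converts a value filling every slot of bn_data and expects a successful result would pin that boundary for all four branches.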

Modified: releng/10.3/sys/conf/newvers.sh
==============================================================================
--- releng/10.3/sys/conf/newvers.sh	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/10.3/sys/conf/newvers.sh	Mon Sep 26 08:21:29 2016	(r306336)
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="10.3"
-BRANCH="RELEASE-p8"
+BRANCH="RELEASE-p9"
 if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

Modified: releng/9.3/UPDATING
==============================================================================
--- releng/9.3/UPDATING	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/9.3/UPDATING	Mon Sep 26 08:21:29 2016	(r306336)
@@ -11,6 +11,10 @@ handbook:
 Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before running portupgrade.
 
+20160926	p47	FreeBSD-SA-16:26.openssl [revised]
+
+	Fix OpenSSL regression introduced in SA-16:26.
+
 20160923	p46	FreeBSD-SA-16:26.openssl
 
 	Fix multiple OpenSSL vulnerabilitites.
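
Review bot: the context line under the p46 entry reads `Fix multiple OpenSSL vulnerabilitites.`; since this commit already touches the adjacent lines, the spelling could be corrected to `vulnerabilities` here. The same line appears in the other three UPDATING files.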

Modified: releng/9.3/crypto/openssl/crypto/bn/bn_print.c
==============================================================================
--- releng/9.3/crypto/openssl/crypto/bn/bn_print.c	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/9.3/crypto/openssl/crypto/bn/bn_print.c	Mon Sep 26 08:21:29 2016	(r306336)
@@ -141,14 +141,13 @@ char *BN_bn2dec(const BIGNUM *a)
         if (BN_is_negative(t))
             *p++ = '-';
 
-        i = 0;
         while (!BN_is_zero(t)) {
+            if (lp - bn_data >= bn_data_num)
+                goto err;
             *lp = BN_div_word(t, BN_DEC_CONV);
             if (*lp == (BN_ULONG)-1)
                 goto err;
             lp++;
-            if (lp - bn_data >= bn_data_num)
-                goto err;
         }
         lp--;
         /*

Modified: releng/9.3/sys/conf/newvers.sh
==============================================================================
--- releng/9.3/sys/conf/newvers.sh	Mon Sep 26 08:19:33 2016	(r306335)
+++ releng/9.3/sys/conf/newvers.sh	Mon Sep 26 08:21:29 2016	(r306336)
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="9.3"
-BRANCH="RELEASE-p46"
+BRANCH="RELEASE-p47"
 if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi


