diff options
author | Lutz Jänicke <jaenicke@openssl.org> | 2002-07-30 13:04:04 +0000 |
---|---|---|
committer | Lutz Jänicke <jaenicke@openssl.org> | 2002-07-30 13:04:04 +0000 |
commit | c046fffa16cd55c972f71c49051b8ce6b83eed7f (patch) | |
tree | f88e3f90a37215466511661e101da6882f8c0836 /crypto | |
parent | 3aecef76973dbea037ec4e1ceba7ec1bd3fb683a (diff) |
OpenSSL Security Advisory [30 July 2002]
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/asn1/asn1_lib.c | 10 | ||||
-rw-r--r-- | crypto/conf/Makefile.ssl | 12 | ||||
-rw-r--r-- | crypto/conf/conf_def.c | 3 | ||||
-rw-r--r-- | crypto/conf/conf_mod.c | 2 | ||||
-rw-r--r-- | crypto/cryptlib.c | 8 | ||||
-rw-r--r-- | crypto/cryptlib.h | 8 | ||||
-rw-r--r-- | crypto/engine/hw_cswift.c | 16 | ||||
-rw-r--r-- | crypto/objects/obj_dat.c | 2 |
8 files changed, 40 insertions, 21 deletions
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index 77447a5240..422685a3b4 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -124,15 +124,13 @@ int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass, (int)(omax+ *pp)); #endif -#if 0 - if ((p+ *plength) > (omax+ *pp)) + if (*plength > (omax - (*pp - p))) { ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); /* Set this so that even if things are not long enough * the values are set correctly */ ret|=0x80; } -#endif *pp=p; return(ret|inf); err: @@ -159,6 +157,8 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) i= *p&0x7f; if (*(p++) & 0x80) { + if (i > sizeof(long)) + return 0; if (max-- == 0) return(0); while (i-- > 0) { @@ -170,6 +170,8 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) else ret=i; } + if (ret < 0) + return 0; *pp=p; *rl=ret; return(1); @@ -407,7 +409,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b) void asn1_add_error(unsigned char *address, int offset) { - char buf1[16],buf2[16]; + char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; sprintf(buf1,"%lu",(unsigned long)address); sprintf(buf2,"%d",offset); diff --git a/crypto/conf/Makefile.ssl b/crypto/conf/Makefile.ssl index 0d62be821d..c0cf9f987a 100644 --- a/crypto/conf/Makefile.ssl +++ b/crypto/conf/Makefile.ssl @@ -89,14 +89,14 @@ conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h conf_api.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h conf_api.o: conf_api.c -conf_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -conf_def.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h -conf_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -conf_def.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -conf_def.o: ../../include/openssl/opensslconf.h +conf_def.o: ../../e_os.h ../../include/openssl/bio.h +conf_def.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h +conf_def.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h +conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h conf_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -conf_def.o: conf_def.c conf_def.h +conf_def.o: ../cryptlib.h conf_def.c conf_def.h conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 31f2766246..5e194de60e 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -67,6 +67,7 @@ #include "conf_def.h" #include <openssl/buffer.h> #include <openssl/err.h> +#include "cryptlib.h" static char *eat_ws(CONF *conf, char *p); static char *eat_alpha_numeric(CONF *conf, char *p); @@ -208,12 +209,12 @@ static int def_load(CONF *conf, const char *name, long *line) static int def_load_bio(CONF *conf, BIO *in, long *line) { #define BUFSIZE 512 - char btmp[16]; int bufnum=0,i,ii; BUF_MEM *buff=NULL; char *s,*p,*end; int again,n; long eline=0; + char btmp[DECIMAL_SIZE(eline)+1]; CONF_VALUE *v=NULL,*tv; CONF_VALUE *sv=NULL; char *section=NULL,*buf; diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index f92babc2e2..edcc08921c 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -230,7 +230,7 @@ static int module_run(const CONF *cnf, char *name, char *value, { if (!(flags & CONF_MFLAGS_SILENT)) { - char rcode[10]; + char rcode[DECIMAL_SIZE(ret)+1]; CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR); sprintf(rcode, "%-8d", ret); ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode); diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index 9a7ed2cf75..3bceddfbbf 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -494,3 +494,11 @@ BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason, #endif #endif + +void OpenSSLDie(const char *file,int line,const char *assertion) + { + fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n", + file,line,assertion); + abort(); + } + diff --git a/crypto/cryptlib.h b/crypto/cryptlib.h index a0489e57fc..985a6d377c 100644 --- a/crypto/cryptlib.h +++ b/crypto/cryptlib.h @@ -89,6 +89,14 @@ extern "C" { #define X509_CERT_DIR_EVP "SSL_CERT_DIR" #define X509_CERT_FILE_EVP "SSL_CERT_FILE" +/* size of string represenations */ +#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) +#define HEX_SIZE(type) ((sizeof(type)*2) + +/* die if we have to */ +void OpenSSLDie(const char *file,int line,const char *assertion); +#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e)) + #ifdef __cplusplus } #endif diff --git a/crypto/engine/hw_cswift.c b/crypto/engine/hw_cswift.c index 31a79a9d16..f5c897bdbb 100644 --- a/crypto/engine/hw_cswift.c +++ b/crypto/engine/hw_cswift.c @@ -501,7 +501,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, goto err; default: { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -518,7 +518,7 @@ static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1, &res, 1)) != SW_OK) { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -608,7 +608,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, goto err; default: { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -625,7 +625,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1, &res, 1)) != SW_OK) { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -740,7 +740,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) goto err; default: { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -758,7 +758,7 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) &res, 1); if(sw_status != SW_OK) { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -852,7 +852,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, goto err; default: { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -874,7 +874,7 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, &res, 1); if(sw_status != SW_OK) { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 3ff64bb8d1..02c3719f04 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -436,7 +436,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) unsigned long l; unsigned char *p; const char *s; - char tbuf[32]; + char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; if (buf_len <= 0) return(0); |