wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/evp
History
Dr. Matthias St. Pierre d070b4ae78 bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data 
Fixes #5405, #1381

The base64 filter BIO reads its input in chunks of B64_BLOCK_SIZE bytes.
When processing input in PEM format it can happen in rare cases that

- the trailing PEM marker crosses the boundary of a chunk, and
- the beginning of the following chunk contains valid base64 encoded data.

This happened in issue #5405, where the PEM marker was split into
"-----END CER" and "TIFICATE-----" at the end of the first chunk.

The decoding of the first chunk terminated correctly at the '-' character,
which is treated as an EOF marker, and b64_read() returned. However,
when called the second time, b64_read() read the next chunk and interpreted
the string "TIFICATE" as valid base64 encoded data, adding 6 extra bytes
'4c 81 48 08 04 c4'.

This patch restores the assignment of the error code to 'ctx->cont', which
was deleted accidentally in commit 5562cfaca4 and which prevents b64_read()
from reading additional data on subsequent calls.

This issue was observed and reported by Annie Yousar.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5422)
2018-02-27 18:38:33 +01:00
..
bio_b64.c bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data 2018-02-27 18:38:33 +01:00
bio_enc.c Fix invalid function type casts. 2017-12-15 19:33:48 +01:00
bio_md.c Fix invalid function type casts. 2017-12-15 19:33:48 +01:00
bio_ok.c Fix invalid function type casts. 2017-12-15 19:33:48 +01:00
build.info SM3: restructure to EVP internal and update doc to right location 2017-11-06 07:21:15 +08:00
c_allc.c SM4: Add SM4 block cipher to EVP 2017-10-31 15:19:14 +10:00
c_alld.c SHA512/224 and SHA512/256 2018-01-24 07:09:46 +10:00
cmeth_lib.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
digest.c Add EVP_DigestFinalXOF, interface to extendable-output functions, XOFs. 2017-08-12 12:20:06 +02:00
e_aes.c Fix some bugs with the cfb1 bitsize handling 2018-02-23 14:10:46 +01:00
e_aes_cbc_hmac_sha1.c Remove some dead code 2017-07-19 11:49:08 +01:00
e_aes_cbc_hmac_sha256.c evp/e_aes_cbc_hmac_sha256.c: give SHAEXT right priority. 2017-07-24 23:29:13 +02:00
e_aria.c Implement Aria GCM/CCM Modes and TLS cipher suites 2017-08-30 12:33:53 +02:00
e_bf.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
e_camellia.c Update copyright year 2018-02-27 13:59:42 +00:00
e_cast.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
e_chacha20_poly1305.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
e_des.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
e_des3.c Fix the overlapping check for fragmented "Update" operations 2017-01-25 15:02:44 +00:00
e_idea.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
e_null.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
e_old.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
e_rc2.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
e_rc4.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
e_rc4_hmac_md5.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
e_rc5.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
e_seed.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
e_sm4.c SM4: Add SM4 block cipher to EVP 2017-10-31 15:19:14 +10:00
e_xcbc_d.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
encode.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
evp_cnf.c This has been added to avoid the situation where some host ctype.h functions 2017-08-22 09:45:25 +10:00
evp_enc.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
evp_err.c Have EVP_PKEY_asn1_find_str() work more like EVP_PKEY_asn1_find() 2018-01-23 20:27:32 +01:00
evp_key.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
evp_lib.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
evp_locl.h Fix the overlapping check for fragmented "Update" operations 2017-01-25 15:02:44 +00:00
evp_pbe.c Adding NID_hmac_sha1 and _md5 to builtin_pbe[] 2017-08-02 09:32:11 +10:00
evp_pkey.c Switch from ossl_rand to DRBG rand 2017-08-03 09:23:28 -04:00
m_md2.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
m_md4.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
m_md5.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
m_md5_sha1.c Fix ctrl operation for SHA1/MD5SHA1. 2016-11-25 20:50:58 +00:00
m_mdc2.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
m_null.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
m_ripemd.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
m_sha1.c Avoid fragile aliasing of SHA224/384 update/final 2018-02-13 23:27:51 -05:00
m_sha3.c evp/m_sha3.c: wire SHA3 to rsaEncryption. 2017-09-11 22:18:18 +02:00
m_sigver.c Fix memleak in EVP_DigestSignFinal/VerifyFinal. 2017-06-12 12:49:50 -04:00
m_wp.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
names.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
p5_crpt.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
p5_crpt2.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
p_dec.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
p_enc.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
p_lib.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
p_open.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
p_seal.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
p_sign.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
p_verify.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
pbe_scrypt.c evp/pbe_scrypt.c: add boundary condition for implicit cast. 2017-11-13 10:58:14 +01:00
pmeth_fn.c Remove email addresses from source code. 2017-10-13 10:06:59 -04:00
pmeth_gn.c Support public key and param check in EVP interface 2017-11-20 07:20:30 +01:00
pmeth_lib.c Support public key and param check in EVP interface 2017-11-20 07:20:30 +01:00