author | V3n3RiX <venerix@redcorelinux.org> | 2019-10-13 22:19:36 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2019-10-14 23:22:23 +0100 |
commit | 4b19be30aa626b327c885dae62c559ec0e9fb935 (patch) | |
tree | 76e74807bc479502e13866b581b6bf86734ec634 /dev-libs/openssl/files | |
parent | 30d6f67c98d149508509d5e86f176d558793acc0 (diff) |
gentoo resync : 13.10.2019
Diffstat (limited to 'dev-libs/openssl/files')
-rw-r--r-- | dev-libs/openssl/files/openssl-1.1.1d-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch | 107 | ||||
-rw-r--r-- | dev-libs/openssl/files/openssl-1.1.1d-fix-zlib.patch | 52 |
2 files changed, 159 insertions, 0 deletions
diff --git a/dev-libs/openssl/files/openssl-1.1.1d-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch b/dev-libs/openssl/files/openssl-1.1.1d-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch
new file mode 100644
index 000000000000..1f195d0384c1
--- /dev/null
+++ b/dev-libs/openssl/files/openssl-1.1.1d-fix-potential-memleaks-w-BN_to_ASN1_INTEGER.patch
@@ -0,0 +1,107 @@
+From 515c728dbaa92211d2eafb0041ab9fcd258fdc41 Mon Sep 17 00:00:00 2001
+From: Bernd Edlinger <bernd.edlinger@hotmail.de>
+Date: Mon, 9 Sep 2019 19:12:25 +0200
+Subject: [PATCH] Fix potential memory leaks with BN_to_ASN1_INTEGER
+
+Reviewed-by: Paul Dale <paul.dale@oracle.com>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/9833)
+
+(cherry picked from commit f28bc7d386b25fb75625d0c62c6b2e6d21de0d09)
+---
+ crypto/ec/ec_asn1.c | 7 +++++--
+ crypto/x509v3/v3_asid.c | 26 ++++++++++++++++++++------
+ 2 files changed, 25 insertions(+), 8 deletions(-)
+
+diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
+index 1ce1181fc10..7cbf8de9813 100644
+--- a/crypto/ec/ec_asn1.c
++++ b/crypto/ec/ec_asn1.c
+@@ -446,6 +446,7 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+ unsigned char *buffer = NULL;
+ const EC_POINT *point = NULL;
+ point_conversion_form_t form;
++ ASN1_INTEGER *orig;
+
+ if (params == NULL) {
+ if ((ret = ECPARAMETERS_new()) == NULL) {
+@@ -496,8 +497,9 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+ ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_EC_LIB);
+ goto err;
+ }
+- ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
++ ret->order = BN_to_ASN1_INTEGER(tmp, orig = ret->order);
+ if (ret->order == NULL) {
++ ret->order = orig;
+ ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
+ goto err;
+ }
+@@ -505,8 +507,9 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+ /* set the cofactor (optional) */
+ tmp = EC_GROUP_get0_cofactor(group);
+ if (tmp != NULL) {
+- ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
++ ret->cofactor = BN_to_ASN1_INTEGER(tmp, orig = ret->cofactor);
+ if (ret->cofactor == NULL) {
++ ret->cofactor = orig;
+ ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
+ goto err;
+ }
+diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
+index 089f2ae29f0..ef2d64826fb 100644
+--- a/crypto/x509v3/v3_asid.c
++++ b/crypto/x509v3/v3_asid.c
+@@ -256,6 +256,7 @@ static int extract_min_max(ASIdOrRange *aor,
+ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
+ {
+ ASN1_INTEGER *a_max_plus_one = NULL;
++ ASN1_INTEGER *orig;
+ BIGNUM *bn = NULL;
+ int i, ret = 0;
+
+@@ -298,9 +299,15 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
+ */
+ if ((bn == NULL && (bn = BN_new()) == NULL) ||
+ ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
+- !BN_add_word(bn, 1) ||
+- (a_max_plus_one =
+- BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
++ !BN_add_word(bn, 1)) {
++ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
++ ERR_R_MALLOC_FAILURE);
++ goto done;
++ }
++
++ if ((a_max_plus_one =
++ BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) {
++ a_max_plus_one = orig;
+ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
+ ERR_R_MALLOC_FAILURE);
+ goto done;
+@@ -351,6 +358,7 @@ int X509v3_asid_is_canonical(ASIdentifiers *asid)
+ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
+ {
+ ASN1_INTEGER *a_max_plus_one = NULL;
++ ASN1_INTEGER *orig;
+ BIGNUM *bn = NULL;
+ int i, ret = 0;
+
+@@ -416,9 +424,15 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
+ */
+ if ((bn == NULL && (bn = BN_new()) == NULL) ||
+ ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
+- !BN_add_word(bn, 1) ||
+- (a_max_plus_one =
+- BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
++ !BN_add_word(bn, 1)) {
++ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
++ ERR_R_MALLOC_FAILURE);
++ goto done;
++ }
++
++ if ((a_max_plus_one =
++ BN_to_ASN1_INTEGER(bn, orig = a_max_plus_one)) == NULL) {
++ a_max_plus_one = orig;
+ X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+ ERR_R_MALLOC_FAILURE);
+ goto done;
diff --git a/dev-libs/openssl/files/openssl-1.1.1d-fix-zlib.patch b/dev-libs/openssl/files/openssl-1.1.1d-fix-zlib.patch
new file mode 100644
index 000000000000..5d2f923a4872
--- /dev/null
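Review bot: The save-and-restore of the old pointer is done through an assignment buried in the argument list, `BN_to_ASN1_INTEGER(tmp, orig = ret->order)`, and nothing in the code says why the restore is needed. The same idiom recurs for `ret->cofactor` in ec_asn1.c and for `a_max_plus_one` in both v3_asid.c functions, so a reader auditing the error paths has to rediscover the reason each time. I would hoist the save onto its own line, `orig = ret->order;`, and add a comment such as `/* on failure the passed-in ASN1_INTEGER is presumably left unfreed; restore the pointer so cleanup still releases it */`, hedged because the callee and the `err`/`done` cleanup code lie outside these hunks. Since this file is a vendored upstream cherry-pick, the change belongs upstream rather than in the overlay copy.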
+++ b/dev-libs/openssl/files/openssl-1.1.1d-fix-zlib.patch
@@ -0,0 +1,52 @@
+From 86ed78676c660b553696cc10c682962522dfeb6c Mon Sep 17 00:00:00 2001
+From: Tomas Mraz <tmraz@fedoraproject.org>
+Date: Thu, 12 Sep 2019 12:27:36 +0200
+Subject: [PATCH] BIO_f_zlib: Properly handle BIO_CTRL_PENDING and
+ BIO_CTRL_WPENDING calls.
+
+There can be data to write in output buffer and data to read that were
+not yet read in the input stream.
+
+Fixes #9866
+
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/9877)
+
+(cherry picked from commit 6beb8b39ba8e4cb005c1fcd2586ba19e17f04b95)
+---
+ crypto/comp/c_zlib.c | 22 ++++++++++++++++++++++
+ 1 file changed, 22 insertions(+)
+
+diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c
+index d688deee5f2..7c1be358fd7 100644
+--- a/crypto/comp/c_zlib.c
++++ b/crypto/comp/c_zlib.c
+@@ -598,6 +598,28 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr)
+ BIO_copy_next_retry(b);
+ break;
+
++ case BIO_CTRL_WPENDING:
++ if (ctx->obuf == NULL)
++ return 0;
++
++ if (ctx->odone) {
++ ret = ctx->ocount;
++ } else {
++ ret = ctx->ocount;
++ if (ret == 0)
++ /* Unknown amount pending but we are not finished */
++ ret = 1;
++ }
++ if (ret == 0)
++ ret = BIO_ctrl(next, cmd, num, ptr);
++ break;
++
++ case BIO_CTRL_PENDING:
++ ret = ctx->zin.avail_in;
++ if (ret == 0)
++ ret = BIO_ctrl(next, cmd, num, ptr);
++ break;
++
+ default:
+ ret = BIO_ctrl(next, cmd, num, ptr);
+ break; |
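Review bot: Neither new case documents that the value it returns is not a byte count a caller can rely on. In `BIO_CTRL_PENDING`, `ctx->zin.avail_in` is zlib's count of compressed input bytes still waiting to be inflated, and in `BIO_CTRL_WPENDING` the value `1` is a placeholder for an unknown amount. A caller that sizes a read or a buffer from the pending result would get the wrong number, so I would add above `ret = ctx->zin.avail_in;` a comment like `/* compressed bytes not yet inflated; only a non-zero indicator, not the size a read will return */`. The two identical `ret = ctx->ocount;` branches could also collapse to `ret = ctx->ocount; if (ret == 0 && !ctx->odone) ret = 1;`. bio_zlib_ctrl's body starts and ends outside this hunk, so how `odone` and `ocount` are maintained is not visible here.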