Ola Lundqvist <[email protected]> writes:
> This is a very large commit but from
> https://blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html
> it looks like it is the following files that were updated:
> - crypto/math/pstm.c
> - crypto/pubkey/dh.c
> - crypto/pubkey/rsa.c
The rsa.c patch appears to apply fine to rsa.c (actually it looks like there are three identical copies of rsa.c). The patch applies to the psRsaEncryptPriv() function, but in wheezy it patches the matrixRsaEncryptPub() function, which makes me wonder if it is patching the correct thing. After visually inspecting the old code and the new code, it looks like it could be correct; however, stuff has changed.

There doesn't appear to be any sign of the other files, or the pstm_exptmod() function, which was the focus of the security issue. So maybe this means the wheezy version is not vulnerable to the pstm_exptmod() issue because it doesn't have this function?? I suspect the code might use mp_exptmod() instead, which is likely to be another implementation with a different (?) set of security issues.

Also worth noting: this Debian packaging appears not to support any sort of updates to the upstream code. The matrixssl_1.8.8.orig.tar.gz contains matrixssl-1-8-8-open.tgz, and there doesn't appear to be any provided mechanism that I can see for applying patches before building. The debian/changelog refers to a debian/diff/0001-don-t-define-USE_MULTITHREADING-with-diet-libc.diff file, but I can't actually find it. Nor can I see anything in debian/rules, so I think any changes would require updating the unpack rule in debian/rules to somehow apply them automatically.

--
Brian May <[email protected]>
