Greetings everyone.

A co-worker of mine, Wes Santee, has discovered what appears to be an
unchecked buffer in the RSAeay code in OpenSSL. The functions
RSA_eay_private_encrypt and RSA_eay_public_encrypt accept a *to parameter
but they don't seem to check its size before writing data to it.

These functions are called unless the user has #defined to use RSAREF,
when the user calls RSA_sign (*sigret parameter). It is probably also
called from other locations; I haven't looked very hard.

I have looked at the code for both 0.9.4 and 0.9.5a, and both seem to
share the problem. I am no code wizard and most of my programming is done
in Java or Perl; however, it sure looks to me like a problem waiting to
happen, and Wes is concerned. If one or more of you guys wanted to take a
look at the code mentioned to see if our fears are right or wrong, I would
appreciate it! :)

[The security officers, theo, and christoph are all cc'ed because I
don't remember if the recent RSAREF2 buffer problems were exploitable; if
they were, then this might also be exploitable. (I haven't even tried to
see if this could be a security problem for any software.) This way, if
there is a good likelihood of a security problem, these guys are alerted to
the possibility and can be checking openssl.org for patches religiously
for a little while. :]

Thanks everyone. :)

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]