[openssl] master update

2021-08-24 Thread dev
The branch master has been updated
   via  32f7be2ab72ee22e98a2254709cb6128492b207a (commit)
  from  fdd436436d337f54e1e9d57b46b9489f7a3d042d (commit)


- Log -
commit 32f7be2ab72ee22e98a2254709cb6128492b207a
Author: Dr. David von Oheimb 
Date:   Tue Aug 17 19:57:08 2021 +0200

APPS: Fix result type of dump_cert_text() and behavior of print_name() on out==NULL

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/16344)

---

Summary of changes:
 apps/include/apps.h | 2 +-
 apps/lib/apps.c | 8 +++-
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/apps/include/apps.h b/apps/include/apps.h
index bc8c6359f3..9d5db16600 100644
--- a/apps/include/apps.h
+++ b/apps/include/apps.h
@@ -94,7 +94,7 @@ typedef struct args_st {
 int wrap_password_callback(char *buf, int bufsiz, int verify, void *cb_data);
 
 int chopup_args(ARGS *arg, char *buf);
-int dump_cert_text(BIO *out, X509 *x);
+void dump_cert_text(BIO *out, X509 *x);
 void print_name(BIO *out, const char *title, const X509_NAME *nm);
 void print_bignum_var(BIO *, const BIGNUM *, const char*,
   int, unsigned char *);
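Review bot: changing dump_cert_text() from int to void is an interface change for every call site in apps/, and this hunk only touches the declaration; check that no caller still tests or stores the result (`if (dump_cert_text(out, x))`), since that would now fail to compile. The old body always ended in `return 0;`, so callers that inspected the value were getting no information anyway and dropping it is the right cleanup.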
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 9762001b6a..43c01401e8 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -200,14 +200,10 @@ unsigned long get_nameopt(void)
 return (nmflag_set) ? nmflag : XN_FLAG_ONELINE;
 }
 
-int dump_cert_text(BIO *out, X509 *x)
+void dump_cert_text(BIO *out, X509 *x)
 {
 print_name(out, "subject=", X509_get_subject_name(x));
-BIO_puts(out, "\n");
 print_name(out, "issuer=", X509_get_issuer_name(x));
-BIO_puts(out, "\n");
-
-return 0;
 }
 
 int wrap_password_callback(char *buf, int bufsiz, int verify, void *userdata)
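Review bot: removing the two `BIO_puts(out, "\n")` calls makes dump_cert_text() depend on print_name() ending its own output with a newline in both the one-line layout and the XN_FLAG_SEP_MULTILINE layout that print_name() selects from `lflags`; if only one layout emits the trailing newline, the "subject=" and "issuer=" lines will run together in the other. A one-line comment on dump_cert_text() stating that line termination is print_name()'s responsibility would make the contract explicit.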
@@ -1289,6 +1285,8 @@ void print_name(BIO *out, const char *title, const 
X509_NAME *nm)
 int indent = 0;
 unsigned long lflags = get_nameopt();
 
+if (out == NULL)
+return;
 if (title != NULL)
 BIO_puts(out, title);
 if ((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
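Review bot: the new `if (out == NULL) return;` makes a NULL BIO a silent no-op instead of an error from each BIO_puts() call below it (the existing `BIO_puts(out, title)` is guarded only by `title != NULL`), which is sensible for an apps helper, and placing it after `lflags = get_nameopt()` is harmless since that call does not touch `out`. Add a short comment saying that out == NULL is an accepted way to suppress output rather than a bug being papered over, so nobody later replaces the early return with an assertion.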


[openssl] master update

2021-08-24 Thread Dr. Paul Dale
The branch master has been updated
   via  fdd436436d337f54e1e9d57b46b9489f7a3d042d (commit)
  from  e1c2913833f84ccd23aa6f2001f1ecaccadf3e56 (commit)


- Log -
commit fdd436436d337f54e1e9d57b46b9489f7a3d042d
Author: Pauli 
Date:   Wed Aug 25 10:44:01 2021 +1000

news/changes: fix formatting nits

The news/changes files are being nitted causing CI failure.  This addresses the
issues.

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/16413)

---

Summary of changes:
 CHANGES.md | 114 -
 NEWS.md    |   1 +
 2 files changed, 61 insertions(+), 54 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index 5fdec520b7..905ad50a50 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1362,66 +1362,72 @@ OpenSSL 1.1.1
 
  * Fixed an SM2 Decryption Buffer Overflow.
 
-   In order to decrypt SM2 encrypted data an application is expected to call 
the
-   API function EVP_PKEY_decrypt(). Typically an application will call this
-   function twice. The first time, on entry, the "out" parameter can be NULL 
and,
-   on exit, the "outlen" parameter is populated with the buffer size required 
to
-   hold the decrypted plaintext. The application can then allocate a 
sufficiently
-   sized buffer and call EVP_PKEY_decrypt() again, but this time passing a 
non-NULL
-   value for the "out" parameter.
+   In order to decrypt SM2 encrypted data an application is expected to
+   call the API function EVP_PKEY_decrypt(). Typically an application will
+   call this function twice. The first time, on entry, the "out" parameter
+   can be NULL and, on exit, the "outlen" parameter is populated with the
+   buffer size required to hold the decrypted plaintext. The application
+   can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt()
+   again, but this time passing a non-NULL value for the "out" parameter.
 
A bug in the implementation of the SM2 decryption code means that the
-   calculation of the buffer size required to hold the plaintext returned by 
the
-   first call to EVP_PKEY_decrypt() can be smaller than the actual size 
required by
-   the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() 
is
-   called by the application a second time with a buffer that is too small.
-
-   A malicious attacker who is able present SM2 content for decryption to an
-   application could cause attacker chosen data to overflow the buffer by up 
to a
-   maximum of 62 bytes altering the contents of other data held after the
-   buffer, possibly changing application behaviour or causing the application 
to
-   crash. The location of the buffer is application dependent but is typically
-   heap allocated.
+   calculation of the buffer size required to hold the plaintext returned
+   by the first call to EVP_PKEY_decrypt() can be smaller than the actual
+   size required by the second call. This can lead to a buffer overflow
+   when EVP_PKEY_decrypt() is called by the application a second time with
+   a buffer that is too small.
+
+   A malicious attacker who is able present SM2 content for decryption to
+   an application could cause attacker chosen data to overflow the buffer
+   by up to a maximum of 62 bytes altering the contents of other data held
+   after the buffer, possibly changing application behaviour or causing
+   the application to crash. The location of the buffer is application
+   dependent but is typically heap allocated.
([CVE-2021-3711])
 
*Matt Caswell*
 
-  * Fixed various read buffer overruns processing ASN.1 strings
-
-ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING
-structure which contains a buffer holding the string data and a field 
holding
-the buffer length. This contrasts with normal C strings which are 
repesented as
-a buffer for the string data which is terminated with a NUL (0) byte.
-
-Although not a strict requirement, ASN.1 strings that are parsed using 
OpenSSL's
-own "d2i" functions (and other similar parsing functions) as well as any 
string
-whose value has been set with the ASN1_STRING_set() function will 
additionally
-NUL terminate the byte array in the ASN1_STRING structure.
-
-However, it is possible for applications to directly construct valid 
ASN1_STRING
-structures which do not NUL terminate the byte array by directly setting 
the
-"data" and "length" fields in the ASN1_STRING array. This can also happen 
by
-using the ASN1_STRING_set0() function.
-
-Numerous OpenSSL functions that print ASN.1 data have been found to assume 
that
-the ASN1_STRING byte array will be NUL terminated, even though this is not
-guaranteed for strings that have been directly constructed. Where an 
application
-requests an ASN.1 
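Review bot: the reflowed CVE-2021-3711 paragraph keeps the original's missing word in "A malicious attacker who is able present SM2 content" (should be "able to present"); as this commit exists to fix nits in CHANGES.md, correcting that at the same time would be cheap. The rewrapped paragraphs are otherwise word-for-word identical to the removed ones, so the advisory text has not changed meaning.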

[openssl] master update

2021-08-24 Thread Dr. Paul Dale
The branch master has been updated
   via  e1c2913833f84ccd23aa6f2001f1ecaccadf3e56 (commit)
  from  2576b70d43e1fcc8073df60f3e22a13b67d3 (commit)


- Log -
commit e1c2913833f84ccd23aa6f2001f1ecaccadf3e56
Author: Pauli 
Date:   Wed Aug 25 10:32:12 2021 +1000

cpp: fix included files to avoid failure in no-deprecated builds

A header file was missing but only in no-deprecated builds.
Also add some ending comments for #if preprocessor statements.
Move function declaration inside #ifdef guard for header.

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/16412)

---

Summary of changes:
 include/crypto/x509.h | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/crypto/x509.h b/include/crypto/x509.h
index 599db841a7..1f00178e89 100644
--- a/include/crypto/x509.h
+++ b/include/crypto/x509.h
@@ -14,6 +14,7 @@
 # include "internal/refcount.h"
 # include 
 # include 
+# include 
 # include "crypto/types.h"
 
 /* Internal X509 structures and functions: not for application use */
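Review bot: the commit message says a header was missing only in no-deprecated builds, but the hunk does not say which declaration in this file needed it; a brief comment on the added `# include` line naming that dependency would stop a later cleanup from removing the include and reintroducing the no-deprecated build failure. The placement, with the system includes and before "crypto/types.h", follows the file's existing ordering.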
@@ -343,7 +344,7 @@ DH *ossl_d2i_DH_PUBKEY(DH **a, const unsigned char **pp, 
long length);
 int ossl_i2d_DH_PUBKEY(const DH *a, unsigned char **pp);
 DH *ossl_d2i_DHx_PUBKEY(DH **a, const unsigned char **pp, long length);
 int ossl_i2d_DHx_PUBKEY(const DH *a, unsigned char **pp);
-# endif
+# endif /* OPENSSL_NO_DH */
 # ifndef OPENSSL_NO_EC
 ECX_KEY *ossl_d2i_ED25519_PUBKEY(ECX_KEY **a,
  const unsigned char **pp, long length);
@@ -357,10 +358,10 @@ int ossl_i2d_X25519_PUBKEY(const ECX_KEY *a, unsigned 
char **pp);
 ECX_KEY *ossl_d2i_X448_PUBKEY(ECX_KEY **a,
   const unsigned char **pp, long length);
 int ossl_i2d_X448_PUBKEY(const ECX_KEY *a, unsigned char **pp);
-# endif
+# endif /* OPENSSL_NO_EC */
 EVP_PKEY *ossl_d2i_PUBKEY_legacy(EVP_PKEY **a, const unsigned char **pp,
  long length);
-#endif
 
 int x509v3_add_len_value_uchar(const char *name, const unsigned char *value,
size_t vallen, STACK_OF(CONF_VALUE) **extlist);
+#endif  /* OSSL_CRYPTO_X509_H */
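Review bot: moving the header guard's `#endif` below the x509v3_add_len_value_uchar() declaration brings a prototype that previously sat outside the include guard back inside it, which is correct (harmless for a prototype, but wrong by convention). Two style points: `#endif  /* OSSL_CRYPTO_X509_H */` uses two spaces before the comment while the `# endif /* OPENSSL_NO_DH */` and `# endif /* OPENSSL_NO_EC */` lines added in the same commit use one, so make the spacing consistent; and confirm that the macro name in the comment matches the `#ifndef` at the top of the file, which is outside this hunk.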


[openssl] master update

2021-08-24 Thread Dr. Paul Dale
The branch master has been updated
   via  2576b70d43e1fcc8073df60f3e22a13b67d3 (commit)
  from  94736c3a10ae7d109243abffb0200931fb3db5a8 (commit)


- Log -
commit 2576b70d43e1fcc8073df60f3e22a13b67d3
Author: Pauli 
Date:   Wed Aug 25 10:12:17 2021 +1000

sm2: fix error raise to not fail make update

Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/16411)

---

Summary of changes:
 crypto/sm2/sm2_crypt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c
index e26b48390a..5318c6199f 100644
--- a/crypto/sm2/sm2_crypt.c
+++ b/crypto/sm2/sm2_crypt.c
@@ -313,7 +313,7 @@ int ossl_sm2_decrypt(const EC_KEY *key,
 C3 = sm2_ctext->C3->data;
 msg_len = sm2_ctext->C2->length;
 if (*ptext_len < (size_t)msg_len) {
-SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL);
+ERR_raise(ERR_LIB_SM2, SM2_R_BUFFER_TOO_SMALL);
 goto done;
 }
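Review bot: ERR_raise(ERR_LIB_SM2, ...) is the right form for master, where the 1.1.1-style SM2err() macro no longer fits the error scheme and breaks make update. Since this `*ptext_len < (size_t)msg_len` check is the guard that stops EVP_PKEY_decrypt() from writing past a caller's buffer (CVE-2021-3711 in the CHANGES text elsewhere in this batch), a comment stating that msg_len is the decoded C2 length and that a shorter output buffer must be rejected here would help prevent a later refactor from quietly relaxing it.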
 


[openssl] OpenSSL_1_0_2v delete

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2v has been deleted
   was  571d13e591360b770cc93e0085e9eb522758e96f

- Log -
3f9c9c6ee9c792fa281900149f889090e540 Prepare for 1.0.2v release
---


[openssl] OpenSSL_1_0_2w delete

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2w has been deleted
   was  61694f4327ea70db170cf987174da51672604bf4

- Log -
51fe13e340561da2a51870785c8f0818872fc1bc Prepare for 1.0.2w release
---


[openssl] OpenSSL_1_0_2x delete

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2x has been deleted
   was  f278d144994a4b0cb31c239755a026916603b9f6

- Log -
fa174e280f15db2093c026a7e15433b5e5c65a76 Prepare for 1.0.2x release
---


[openssl] OpenSSL_1_0_2y delete

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2y has been deleted
   was  31db38aa664c43895469ac079b8c64ed52aac8df

- Log -
924fdf1fbec0f305dbf77c9d9250fdf9080aef88 Prepare for 1.0.2y release
---


[openssl] OpenSSL_1_0_2za delete

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2za has been deleted
   was  e197135eee4164c33146dad7b96f0d71b8844deb

- Log -
11e489b8da357feab83bb6f819eaf7f1d909a617 Prepare for 1.0.2za release
---


FAILED build of OpenSSL branch master with options enable-fuzz-afl no-shared no-module

2021-08-24 Thread OpenSSL run-checker
Platform and configuration command:

$ uname -a
Linux run 5.4.0-74-generic #83-Ubuntu SMP Sat May 8 02:35:39 UTC 2021 x86_64 
x86_64 x86_64 GNU/Linux
$ CC=afl-clang-fast ../openssl/config enable-fuzz-afl no-shared no-module

Commit log since last time:

94736c3a10 rsa: Try legacy encoding functions for pubkey
796f4f7085 Updates CHANGES.md and NEWS.md for new 1.1.1 release
ad1ca777f9 Check the plaintext buffer is large enough when decrypting SM2
d07036b98d Extend tests for SM2 decryption
36cf45ef3b Correctly calculate the length of SM2 plaintext given the ciphertext
4b8a8bb752 Fix the error handling in i2v_AUTHORITY_KEYID
e20fc2ee4f Allow fuzz builds to detect string overruns
030c5aba94 Fix EC_GROUP_new_from_ecparameters to check the base length
7c038a6bcd Fix NETSCAPE_SPKI_print function to not assume NUL terminated strings
98624776c4 Fix append_ia5 function to not assume NUL terminated strings
1f365708a3 Fix test code to not assume NUL terminated strings
95f8c1e142 Fix CMP code to not assume NUL terminated strings
d2015a783e Fix the name constraints code to not assume NUL terminated strings
918430ba80 Fix printing of PROXY_CERT_INFO_EXTENSION to not assume NUL terminated strings
b2b3b9c993 Fix GENERAL_NAME_print to not assume NUL terminated strings
1747d4658b Fix POLICYINFO printing to not assume NUL terminated strings
ad6ac17489 Fix i2v_GENERAL_NAME to not assume NUL terminated strings

Build log ended with (last 100 lines):

# SSL_accept() failed -1, 1
# 40970CDB177F:error:068C0100:asn1 encoding 
routines:ASN1_STRING_set:malloc failure:../openssl/crypto/asn1/asn1_lib.c:311:
# 40970CDB177F:error:068C0100:asn1 encoding 
routines:asn1_ex_c2i:malloc failure:../openssl/crypto/asn1/tasn_dec.c:944:
# 40970CDB177F:error:0688010A:asn1 encoding 
routines:asn1_template_noexp_d2i:nested asn1 
error:../openssl/crypto/asn1/tasn_dec.c:685:Field=session_id, 
Type=SSL_SESSION_ASN1
# 40970CDB177F:error:0A0C0103:SSL 
routines:construct_stateless_ticket:internal 
error:../openssl/ssl/statem/statem_srvr.c:3706:
# INFO:  @ ../openssl/test/helpers/ssltestlib.c:957
# SSL_connect() failed -1, 1
# 40970CDB177F:error:0A000438:SSL routines:ssl3_read_bytes:tlsv1 
alert internal error:../openssl/ssl/record/rec_layer_s3.c:1584:SSL alert number 
80
# ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, 
SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:9260
# false
# OPENSSL_TEST_RAND_ORDER=1629843676
not ok 372 - iteration 7
# --
# OPENSSL_TEST_RAND_ORDER=1629843676
not ok 74 - test_dh_auto
# --
# INFO:  @ ../openssl/test/helpers/ssltestlib.c:975
# SSL_accept() failed -1, 1
# 40970CDB177F:error:068C0100:asn1 encoding 
routines:ASN1_STRING_set:malloc failure:../openssl/crypto/asn1/asn1_lib.c:311:
# 40970CDB177F:error:068C0100:asn1 encoding routines:asn1_ex_c2i:malloc 
failure:../openssl/crypto/asn1/tasn_dec.c:944:
# 40970CDB177F:error:0688010A:asn1 encoding 
routines:asn1_template_noexp_d2i:nested asn1 
error:../openssl/crypto/asn1/tasn_dec.c:685:
# 40970CDB177F:error:0688010A:asn1 encoding 
routines:asn1_template_ex_d2i:nested asn1 
error:../openssl/crypto/asn1/tasn_dec.c:537:Field=session_id_context, 
Type=SSL_SESSION_ASN1
# 40970CDB177F:error:0A0C0103:SSL 
routines:construct_stateless_ticket:internal 
error:../openssl/ssl/statem/statem_srvr.c:3706:
# INFO:  @ ../openssl/test/helpers/ssltestlib.c:1004
# No progress made
# ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, 
SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:9315
# false
# OPENSSL_TEST_RAND_ORDER=1629843676
not ok 75 - test_sni_tls13
# --
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs 
../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/bkTcXITTlB 
default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# --
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 32.
# Looks like you failed 1 test of 1.
90-test_sslapi.t ... Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests

Test Summary Report
---
80-test_ssl_new.t(Wstat: 7168 Tests: 30 Failed: 28)
  Failed tests:  1-21, 23-28, 30
  Non-zero exit status: 28
20-test_spkac.t  (Wstat: 512 Tests: 4 Failed: 2)
  Failed tests:  2, 4
  Non-zero exit status: 2
25-test_crl.t(Wstat: 256 Tests: 10 Failed: 1)
  Failed test:  3
  Non-zero exit status: 1
25-test_sid.t(Wstat: 256 Tests: 2 Failed: 

[openssl] master update

2021-08-24 Thread tomas
The branch master has been updated
   via  94736c3a10ae7d109243abffb0200931fb3db5a8 (commit)
  from  796f4f7085ac95a1b0ccee8ff3c6c183219cdab2 (commit)


- Log -
commit 94736c3a10ae7d109243abffb0200931fb3db5a8
Author: Tomas Mraz 
Date:   Wed Aug 11 13:09:09 2021 +0200

rsa: Try legacy encoding functions for pubkey

If there are no suitable encoders it might mean the key is in
an engine and thus it is a legacy key. Try legacy encoding
routines to encode the public key. We do not attempt encoding
a private key as it would be in most cases impossible anyway.

Fixes #16256

Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/16289)

---

Summary of changes:
 apps/rsa.c | 39 ++-
 1 file changed, 38 insertions(+), 1 deletion(-)

diff --git a/apps/rsa.c b/apps/rsa.c
index 3e9d320ea3..05a091ce4b 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -7,6 +7,9 @@
  * https://www.openssl.org/source/license.html
  */
 
+/* Necessary for legacy RSA public key export */
+#define OPENSSL_SUPPRESS_DEPRECATED
+
 #include 
 
 #include 
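Review bot: `#define OPENSSL_SUPPRESS_DEPRECATED` has to come before the first OpenSSL header is included to take effect, and it does here, with a comment explaining why, which is good. One caveat worth stating in that comment: the macro only silences deprecation warnings; it does not bring back functions that a no-deprecated build removes, which is why the new try_legacy_encoding() below still needs its own `#ifndef OPENSSL_NO_DEPRECATED_3_0` guard.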
@@ -86,6 +89,36 @@ const OPTIONS rsa_options[] = {
 {NULL}
 };
 
+static int try_legacy_encoding(EVP_PKEY *pkey, int outformat, int pubout,
+   BIO *out)
+{
+int ret = 0;
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+const RSA *rsa = EVP_PKEY_get0_RSA(pkey);
+
+if (rsa == NULL)
+return 0;
+
+if (outformat == FORMAT_ASN1) {
+if (pubout == 2)
+ret = i2d_RSAPublicKey_bio(out, rsa) > 0;
+else
+ret = i2d_RSA_PUBKEY_bio(out, rsa) > 0;
+} else if (outformat == FORMAT_PEM) {
+if (pubout == 2)
+ret = PEM_write_bio_RSAPublicKey(out, rsa) > 0;
+else
+ret = PEM_write_bio_RSA_PUBKEY(out, rsa) > 0;
+# ifndef OPENSSL_NO_DSA
+} else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
+ret = i2b_PublicKey_bio(out, pkey) > 0;
+# endif
+}
+#endif
+
+return ret;
+}
+
 int rsa_main(int argc, char **argv)
 {
 ENGINE *e = NULL;
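Review bot: in a no-deprecated build the whole body of try_legacy_encoding() is compiled out, leaving `pkey`, `outformat`, `pubout` and `out` unused; if the build enables unused-parameter warnings this will trip them, so consider `(void)` casts in an `#else` branch. The MSBLOB/PVK branch is guarded by `OPENSSL_NO_DSA` rather than anything RSA-related and the reason is not stated; a one-line comment explaining why that guard applies to i2b_PublicKey_bio() would save the next reader a lookup. The early `return 0` when EVP_PKEY_get0_RSA() yields NULL means a non-legacy key fails closed rather than being half-written, which is the right default.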
@@ -331,7 +364,11 @@ int rsa_main(int argc, char **argv)
  output_type, output_structure,
  NULL);
 if (OSSL_ENCODER_CTX_get_num_encoders(ectx) == 0) {
-BIO_printf(bio_err, "%s format not supported\n", output_type);
+if ((!pubout && !pubin)
+|| !try_legacy_encoding(pkey, outformat, pubout, out))
+BIO_printf(bio_err, "%s format not supported\n", output_type);
+else
+ret = 0;
 goto end;
 }
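Review bot: on the legacy-encoding success path `ret = 0; goto end;` is correct, but when the legacy write fails the user sees the same generic "%s format not supported" message as when no encoder exists at all, which hides the real cause for engine-backed keys; a distinct message or a dump of the error queue on that path would make failures easier to diagnose. The `(!pubout && !pubin)` condition intentionally skips private keys, as the commit message explains; a short comment at the call site would keep that intent visible without reading the history.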
 


[web] master update

2021-08-24 Thread Matt Caswell
The branch master has been updated
   via  bac471c10fd4ed7b906de2a525ccd14e88bb15fb (commit)
  from  06ad477ee26f9e15dd8bc87d6bce6017ceec2342 (commit)


- Log -
commit bac471c10fd4ed7b906de2a525ccd14e88bb15fb
Author: Matt Caswell 
Date:   Tue Aug 24 14:59:46 2021 +0100

Add link to security advisory from newsflash

Reviewed-by: Richard Levitte 

---

Summary of changes:
 news/newsflash.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/news/newsflash.txt b/news/newsflash.txt
index f1feacc..e8718a1 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -5,6 +5,7 @@
 # headings.  URL paths must all be absolute.
 Date: Item
 
+24-Aug-2021: Security Advisory: two 
security fixes
 24-Aug-2021: OpenSSL 1.1.1l is now available, including bug and security fixes
 29-Jul-2021: Beta 2 of OpenSSL 3.0 is now available. This is a release 
candidate: please download and test it
 17-Jun-2021: New Blog post: OpenSSL 3.0 Release 
Candidate


[web] master update

2021-08-24 Thread Matt Caswell
The branch master has been updated
   via  06ad477ee26f9e15dd8bc87d6bce6017ceec2342 (commit)
  from  e2ba17260f0cc0a1fd1b0c20bf5238a4795076df (commit)


- Log -
commit 06ad477ee26f9e15dd8bc87d6bce6017ceec2342
Author: Matt Caswell 
Date:   Tue Aug 24 13:54:40 2021 +0100

Updates for the new release

Reviewed-by: Richard Levitte 

---

Summary of changes:
 news/newsflash.txt   |   1 +
 news/secadv/20210824.txt | 118 +
 news/vulnerabilities.xml | 134 ++-
 3 files changed, 252 insertions(+), 1 deletion(-)
 create mode 100644 news/secadv/20210824.txt

diff --git a/news/newsflash.txt b/news/newsflash.txt
index a756e6e..f1feacc 100644
--- a/news/newsflash.txt
+++ b/news/newsflash.txt
@@ -5,6 +5,7 @@
 # headings.  URL paths must all be absolute.
 Date: Item
 
+24-Aug-2021: OpenSSL 1.1.1l is now available, including bug and security fixes
 29-Jul-2021: Beta 2 of OpenSSL 3.0 is now available. This is a release 
candidate: please download and test it
 17-Jun-2021: New Blog post: OpenSSL 3.0 Release 
Candidate
 17-Jun-2021: Beta 1 of OpenSSL 3.0 is now available. This is a release 
candidate: please download and test it
diff --git a/news/secadv/20210824.txt b/news/secadv/20210824.txt
new file mode 100644
index 000..f15ecd6
--- /dev/null
+++ b/news/secadv/20210824.txt
@@ -0,0 +1,118 @@
+OpenSSL Security Advisory [24 August 2021]
+==
+
+SM2 Decryption Buffer Overflow (CVE-2021-3711)
+==
+
+Severity: High
+
+In order to decrypt SM2 encrypted data an application is expected to call the
+API function EVP_PKEY_decrypt(). Typically an application will call this
+function twice. The first time, on entry, the "out" parameter can be NULL and,
+on exit, the "outlen" parameter is populated with the buffer size required to
+hold the decrypted plaintext. The application can then allocate a sufficiently
+sized buffer and call EVP_PKEY_decrypt() again, but this time passing a 
non-NULL
+value for the "out" parameter.
+
+A bug in the implementation of the SM2 decryption code means that the
+calculation of the buffer size required to hold the plaintext returned by the
+first call to EVP_PKEY_decrypt() can be smaller than the actual size required 
by
+the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is
+called by the application a second time with a buffer that is too small.
+
+A malicious attacker who is able present SM2 content for decryption to an
+application could cause attacker chosen data to overflow the buffer by up to a
+maximum of 62 bytes altering the contents of other data held after the
+buffer, possibly changing application behaviour or causing the application to
+crash. The location of the buffer is application dependent but is typically
+heap allocated.
+
+OpenSSL versions 1.1.1k and below are affected by this issue. Users of these
+versions should upgrade to OpenSSL 1.1.1l.
+
+OpenSSL 1.0.2 is not impacted by this issue.
+
+OpenSSL 3.0 alpha/beta releases are also affected but this issue will be
+addressed before the final release.
+
+This issue was reported to OpenSSL on 12th August 2021 by John Ouyang. The fix
+was developed by Matt Caswell.
+
+Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
+=
+
+Severity: Moderate
+
+ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING
+structure which contains a buffer holding the string data and a field holding
+the buffer length. This contrasts with normal C strings which are repesented as
+a buffer for the string data which is terminated with a NUL (0) byte.
+
+Although not a strict requirement, ASN.1 strings that are parsed using 
OpenSSL's
+own "d2i" functions (and other similar parsing functions) as well as any string
+whose value has been set with the ASN1_STRING_set() function will additionally
+NUL terminate the byte array in the ASN1_STRING structure.
+
+However, it is possible for applications to directly construct valid 
ASN1_STRING
+structures which do not NUL terminate the byte array by directly setting the
+"data" and "length" fields in the ASN1_STRING array. This can also happen by
+using the ASN1_STRING_set0() function.
+
+Numerous OpenSSL functions that print ASN.1 data have been found to assume that
+the ASN1_STRING byte array will be NUL terminated, even though this is not
+guaranteed for strings that have been directly constructed. Where an 
application
+requests an ASN.1 structure to be printed, and where that ASN.1 structure
+contains ASN1_STRINGs that have been directly constructed by the application
+without NUL terminating the "data" field, 
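Review bot: two typos in the new advisory text: "A malicious attacker who is able present SM2 content" should read "able to present", and "repesented" in the CVE-2021-3712 section should be "represented". The same wording is carried into CHANGES.md in the openssl repository, so both copies should be corrected together.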

[openssl] OpenSSL_1_1_1l create

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_1_1l has been created
at  6e9c3540b2dc39e6bdda9444c79ecaa4d6baa312 (tag)
   tagging  fb047ebc87b18bdc4cf9ddee9ee1f5ed93e56aff (commit)
  replaces  OpenSSL_1_1_1k
 tagged by  Matt Caswell
on  Tue Aug 24 14:38:47 2021 +0100

- Log -
OpenSSL 1.1.1l release tag

Alex Yursha (1):
  Print correct error message in utils/mkdir-p.pl

Benjamin Kaduk (4):
  Improve RFC 8446 PSK key exchange mode compliance
  make update
  Don't send key_share for PSK-only key exchange
  Update expected results for tls13kexmodes tests

Billy Brumley (1):
  [doc/man3] documentation: BN_cmp manpage updates

Christian Heimes (1):
  Inherit hostflags verify params even without hosts

Daiki Ueno (2):
  BIO_lookup_ex: use AI_ADDRCONFIG only if explicit host name is given
  apps: Use the first detected address family if IPv6 is not available

Dave Coombs (1):
  crl2pkcs7 shouldn't include empty optional sets

David Benjamin (1):
  Fix use of uninitialized memory in test_rsa_oaep

David CARLIER (1):
  apple getentropy removal

David Carlier (1):
  BIO_listen: disable setting ipv6_v6only on OpenBSD as it is a read only data and true

Dmitry Belyavskiy (5):
  Use OCSP-specific error code for clarity
  Avoid sending alerts after shutdown
  Try to parse private key as PKCS#8 first, fallback afterwards
  Testing private keys with extra attributes
  Cleanup the peer point formats on regotiation

Dr. David von Oheimb (1):
  ee-self-signed.pem: Restore original version, adding -attime to 25-test_verify.t

Fred Hornsey (1):
  Support for Android NDK r22

Hubert Kario (1):
  man: s_server: fix typo in -alpn option description

Ingo Franzki (2):
  s390x: AES OFB/CFB: Maintain running IV from cipher context
  Test EVP Cipher updating the context's IV

Ingo Schwarze (1):
  Fix a read buffer overrun in X509_aux_print().

Jean-Philippe Boivin (1):
  Properly restore XMM registers in ChaCha20's AVX-512(VL) assembly

Lars Immisch (1):
  Use getauxval on Android with API level > 18

Matt Caswell (24):
  Prepare for 1.1.1l-dev
  Only call dtls1_start_timer() once
  Fix s_server PSK handling
  Avoid "excessive message size" for session tickets
  Don't reset the packet pointer in ssl3_setup_read_buffer
  Disallow SSL_key_update() if there are writes pending
  Fix some minor record layer issues
  Fix i2v_GENERAL_NAME to not assume NUL terminated strings
  Fix POLICYINFO printing to not assume NUL terminated strings
  Fix printing of PROXY_CERT_INFO_EXTENSION to not assume NUL terminated strings
  Fix the name constraints code to not assume NUL terminated strings
  Fix test code to not assume NUL terminated strings
  Fix append_ia5 function to not assume NUL terminated strings
  Fix NETSCAPE_SPKI_print function to not assume NUL terminated strings
  Fix EC_GROUP_new_from_ecparameters to check the base length
  Allow fuzz builds to detect string overruns
  Fix the error handling in i2v_AUTHORITY_KEYID
  Correctly calculate the length of SM2 plaintext given the ciphertext
  Extend tests for SM2 decryption
  Check the plaintext buffer is large enough when decrypting SM2
  Updates to CHANGES and NEWS for the new release
  Update copyright year
  Run make update
  Prepare for 1.1.1l release

Mohamed Akram (1):
  doc: fix enc -z option documentation

Nan Xiao (5):
  Fix BIO_new_ssl_connect() to not leak memory
  Fix typo in BIO_push.pod
  Remove unnecessary BIO_do_handshake()s
  Fix potential double free in sslapitest.c
  Fix typos in x509.pod

Niclas Rosenvik (1):
  Some compilers define __STDC_VERSION__ in c++

Nicola Tuveri (12):
  [github-ci] Sync ci.yml workflow with master
  [github-ci] Import windows.yml workflow from master
  [github-ci] Import cross-compiles.yml workflow from master
  [github-ci] Import run-checker workflows from master
  [github-ci] Import run-checker daily workflow from master
  [github-ci][cross-compiles.yml] Disable sparcv9
  [github-ci][ci.yml] Disable krb5 external tests
  [github-ci][ci.yml] Disable pyca external tests
  [github-ci][run-checker-ci.yml] Disable no-tls1_3 tests
  [github-ci][ci.yml] Disable memory sanitizer build
  

[openssl] OpenSSL_1_0_2y create

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2y has been created
at  31db38aa664c43895469ac079b8c64ed52aac8df (tag)
   tagging  924fdf1fbec0f305dbf77c9d9250fdf9080aef88 (commit)
  replaces  OpenSSL_1_0_2x
 tagged by  Matt Caswell
on  Tue Feb 16 15:28:05 2021 +

- Log -
OpenSSL 1.0.2y release tag

Matt Caswell (8):
  Prepare for 1.0.2y-dev
  Ensure SRP BN_mod_exp follows the constant time path
  Fix Null pointer deref in X509_issuer_and_serial_hash()
  Fix the RSA_SSLV23_PADDING padding type
  Don't overflow the output length in EVP_CipherUpdate calls
  Updates CHANGES and NEWS for new release
  Update copyright year
  Prepare for 1.0.2y release

---


[openssl] OpenSSL_1_0_2x create

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2x has been created
at  f278d144994a4b0cb31c239755a026916603b9f6 (tag)
   tagging  fa174e280f15db2093c026a7e15433b5e5c65a76 (commit)
  replaces  OpenSSL_1_0_2w
 tagged by  Matt Caswell
on  Tue Dec 8 13:25:31 2020 +

- Log -
OpenSSL 1.0.2x release tag

Matt Caswell (10):
  DirectoryString is a CHOICE type and therefore uses explicit tagging
  Correctly compare EdiPartyName in GENERAL_NAME_cmp()
  Check that multi-strings/CHOICE types don't use implicit tagging
  Complain if we are attempting to encode with an invalid ASN.1 template
  Add a test for GENERAL_NAME_cmp
  Add a test for encoding/decoding using an invalid ASN.1 Template
  Update CHANGES and NEWS for new release
  Update copyright year
  make update
  Prepare for 1.0.2x release

Richard Levitte (1):
  Prepare for 1.0.2x-dev

---


[openssl] OpenSSL_1_0_2za create

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2za has been created
at  e197135eee4164c33146dad7b96f0d71b8844deb (tag)
   tagging  11e489b8da357feab83bb6f819eaf7f1d909a617 (commit)
  replaces  OpenSSL_1_0_2y
 tagged by  Matt Caswell
on  Tue Aug 24 14:40:06 2021 +0100

- Log -
OpenSSL 1.0.2za release tag

Matt Caswell (12):
  Prepare for 1.0.2za-dev
  Fix i2v_GENERAL_NAME to not assume NUL terminated strings
  Fix POLICYINFO printing to not assume NUL terminated strings
  Fix printing of PROXY_CERT_INFO_EXTENSION to not assume NUL terminated strings
  Fix the name constraints code to not assume NUL terminated strings
  Fix append_ia5 function to not assume NUL terminated strings
  Fix NETSCAPE_SPKI_print function to not assume NUL terminated strings
  Fix a read buffer overrun in X509_CERT_AUX_print()
  Update CHANGES and NEWS for new release
  Update copyright year
  Run make update
  Prepare for 1.0.2za release

---


[openssl] OpenSSL_1_0_2w create

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2w has been created
at  61694f4327ea70db170cf987174da51672604bf4 (tag)
   tagging  51fe13e340561da2a51870785c8f0818872fc1bc (commit)
  replaces  OpenSSL_1_0_2v
 tagged by  Richard Levitte
on  Wed Sep 9 14:03:51 2020 +0200

- Log -
OpenSSL 1.0.2w release tag
-----BEGIN PGP SIGNATURE-----

iF0EABECAB0WIQTEyrdJw09/TMBP2smnr5549wlFOwUCX1jEqAAKCRCnr5549wlF
O7o9AJ46dqxzPm/pKd+3ybbAtsSJ24rA3QCgnm1A3roMuUfMHFeON5Y60kSK8Ic=
=aNB9
-----END PGP SIGNATURE-----

Matt Caswell (3):
  Prepare for 1.0.2w-dev
  Move the static "DH" ciphersuites into the "weak-ssl-ciphers" list
  Make SSL_OP_SINGLE_ECDH_USE the default and mandatory

Richard Levitte (2):
  Update copyright year
  Prepare for 1.0.2w release

---


[openssl] OpenSSL_1_0_2v create

2021-08-24 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2v has been created
at  571d13e591360b770cc93e0085e9eb522758e96f (tag)
   tagging  3f9c9c6ee9c792fa281900149f889090e540 (commit)
  replaces  OpenSSL_1_0_2u
 tagged by  Matt Caswell
on  Tue May 5 15:06:00 2020 +0100

- Log -
OpenSSL 1.0.2v release tag
-----BEGIN PGP SIGNATURE-----

iQFFBAABCAAvFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAl6xcsgRHG1hdHRAb3Bl
bnNzbC5vcmcACgkQ2cTSbQ5gRJErFQgAv5e5S1afyZzZrRU+eyS3942W2KHUYXut
0v+upXQQn0RdTNrTsWkTdWPdp/09T67AgmcpWwTTlmQ4LIkdIFA29WZub8cMwe1M
qTthcCQhuifDH9wh0MPJBRxUEoWvcn2+ltP9HmhC2fopQ3PW7oprzpHxMSP0a/5R
wcNHwaVy/EqC7BEpMbKIwtX6MYq6hNosopP08yg0jTbdG1V/UdgZMPwQwZojo39k
UcEDNBJjMEgSqnSZ1LZU8G13ymYd6IzLpPkvC03y3lwm5U82rEUfSoY4r0UA6ewr
6+i1S/JMeU6Kkg60flMgDIrHXC5jlQUcfRUoGDWMgrbz2SVXNfrWBg==
=GuM2
-----END PGP SIGNATURE-----

Diego F. Aranha (1):
  Implement blinding for EC scalar multiplication

Matt Caswell (4):
  Prepare for 1.0.2v-dev
  Update CHANGES and NEWS for the 1.02v release
  Update copyright year
  Prepare for 1.0.2v release

---


[openssl] OpenSSL_1_1_1-stable update

2021-08-24 Thread Matt Caswell
The branch OpenSSL_1_1_1-stable has been updated
   via  a2056b09fbef58bcb79b0fe8b88b592c560eb32f (commit)
   via  fb047ebc87b18bdc4cf9ddee9ee1f5ed93e56aff (commit)
   via  4e5d5077096c7bff1bfe2ae835957f827334e9c6 (commit)
   via  6f2a7abe22de08bdaacf0025349b30d46826108a (commit)
   via  4f8ce5b7cf4a4342a5f7c028077411fed59189ba (commit)
   via  515ac8b5e544dd713a2b4cabfc54b722d122c218 (commit)
   via  733fa41c3fc4bcac37f94aa917f7242420f8a5a6 (commit)
   via  59f5e75f3bced8fc0e130d72a3f582cf7b480b46 (commit)
   via  8c74c9d1ade0fbdab5b815ddb747351b8b839641 (commit)
   via  d9bfd68295146b6afad288ef4145aeb5eb0e6c66 (commit)
   via  94d23fcff9b2a7a8368dfe52214d5c2569882c11 (commit)
   via  2d0e5d4a4a5d4332325b5e5cea492fad2be633e1 (commit)
   via  bb4d2ed4091408404e18b3326e3df67848ef63d0 (commit)
   via  4de66925203ca99189c842136ec4a623137ea447 (commit)
   via  8393de42498f8be75cf0353f5c9f906a43a748d2 (commit)
   via  23446958685a593d4d9434475734b99138902ed2 (commit)
   via  5f54e57406ca17731b9ade3afd561d3c652e07f2 (commit)
   via  174ba8048a7f2f5e1fca31cfb93b1730d9db8300 (commit)
  from  4f850d7221ef6d9010053434d8ae43da13ad8fde (commit)


- Log -
commit a2056b09fbef58bcb79b0fe8b88b592c560eb32f
Author: Matt Caswell 
Date:   Tue Aug 24 14:39:03 2021 +0100

Prepare for 1.1.1m-dev

Reviewed-by: Richard Levitte 

commit fb047ebc87b18bdc4cf9ddee9ee1f5ed93e56aff
Author: Matt Caswell 
Date:   Tue Aug 24 14:38:47 2021 +0100

Prepare for 1.1.1l release

Reviewed-by: Richard Levitte 

commit 4e5d5077096c7bff1bfe2ae835957f827334e9c6
Author: Matt Caswell 
Date:   Tue Aug 24 14:32:25 2021 +0100

Run make update

Reviewed-by: Richard Levitte 

commit 6f2a7abe22de08bdaacf0025349b30d46826108a
Author: Matt Caswell 
Date:   Tue Aug 24 14:14:34 2021 +0100

Update copyright year

Reviewed-by: Richard Levitte 

commit 4f8ce5b7cf4a4342a5f7c028077411fed59189ba
Author: Matt Caswell 
Date:   Tue Aug 24 13:41:40 2021 +0100

Updates to CHANGES and NEWS for the new release

Reviewed-by: Richard Levitte 

commit 515ac8b5e544dd713a2b4cabfc54b722d122c218
Author: Matt Caswell 
Date:   Fri Aug 13 16:58:21 2021 +0100

Check the plaintext buffer is large enough when decrypting SM2

Previously there was no check that the supplied buffer was large enough.
It was just assumed to be sufficient. Instead we should check and fail if
not.

Reviewed-by: Paul Dale 
Reviewed-by: Nicola Tuveri 

commit 733fa41c3fc4bcac37f94aa917f7242420f8a5a6
Author: Matt Caswell 
Date:   Fri Aug 13 14:49:47 2021 +0100

Extend tests for SM2 decryption

Check the case where C1y < 32 bytes in length (i.e. short overhead), and
also the case with longer plaintext and C1x and C1y > 32 bytes in length
(i.e. long overhead)

Reviewed-by: Paul Dale 
Reviewed-by: Nicola Tuveri 

commit 59f5e75f3bced8fc0e130d72a3f582cf7b480b46
Author: Matt Caswell 
Date:   Fri Aug 13 14:14:51 2021 +0100

Correctly calculate the length of SM2 plaintext given the ciphertext

Previously the length of the SM2 plaintext could be incorrectly calculated.
The plaintext length was calculated by taking the ciphertext length and
taking off an "overhead" value.

The overhead value was assumed to have a "fixed" element of 10 bytes.
This is incorrect since in some circumstances it can be more than 10 bytes.
Additionally the overhead included the length of two integers C1x and C1y,
which were assumed to be the same length as the field size (32 bytes for
the SM2 curve). However in some cases these integers can have an additional
padding byte when the msb is set, to disambiguate them from negative
integers. Additionally the integers can also be less than 32 bytes in
length in some cases.

If the calculated overhead is incorrect and larger than the actual value
this can result in the calculated plaintext length being too small.
Applications are likely to allocate buffer sizes based on this and therefore
a buffer overrun can occur.

CVE-2021-3711

Issue reported by John Ouyang.

Reviewed-by: Paul Dale 
Reviewed-by: Nicola Tuveri 

commit 8c74c9d1ade0fbdab5b815ddb747351b8b839641
Author: Matt Caswell 
Date:   Fri Aug 20 15:23:32 2021 +0100

Fix the error handling in i2v_AUTHORITY_KEYID

Previously if an error path is entered a leak could result.

Reviewed-by: Viktor Dukhovni 
Reviewed-by: Paul Dale 

commit d9bfd68295146b6afad288ef4145aeb5eb0e6c66
Author: Matt Caswell 
Date:   Thu Aug 19 15:25:04 2021 +0100

Allow fuzz builds to detect string overruns

If FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is defined then we don't NUL
terminate ASN1_STRING datatypes. This shouldn't be necessary but we add it
anyway for safety in 

[openssl] master update

2021-08-24 Thread Matt Caswell
The branch master has been updated
   via  796f4f7085ac95a1b0ccee8ff3c6c183219cdab2 (commit)
   via  ad1ca777f9702f355a2f74dc5eed713476825f23 (commit)
   via  d07036b98d2ea8b3d9a93181bd8b0cb33a6c8ba1 (commit)
   via  36cf45ef3ba71e44a8be06ee81cb31aa02cb0010 (commit)
   via  4b8a8bb75229b64d1c7598d845fdc3c7e7d7eee2 (commit)
   via  e20fc2ee4fc90ac1476b3a9b15b37542bfb1af73 (commit)
   via  030c5aba94788f152f9ceef3549815df45bef702 (commit)
   via  7c038a6bcd98d4bbfd2c2892a87a1138d2f7c5f3 (commit)
   via  98624776c4d501c8badd6f772ab7048ac9191cb9 (commit)
   via  1f365708a3318a5f1a395f90c38b584a58d37fb9 (commit)
   via  95f8c1e142df835d03b5b62521383a462fc5470d (commit)
   via  d2015a783e64613d8e4a142fa05048d1863df944 (commit)
   via  918430ba80d94ec8f05383b43b1872b1ebb13e1a (commit)
   via  b2b3b9c9936b91315adc0f3254879cb2fd5ca2bd (commit)
   via  1747d4658b3830951068a6a6c1fa2b45c4731fb3 (commit)
   via  ad6ac17489241574136b7d035f01f6175dd9c941 (commit)
  from  ed3f51ec7d2f8956bff7bedf99b65ff1595e02e8 (commit)


- Log -
commit 796f4f7085ac95a1b0ccee8ff3c6c183219cdab2
Author: Matt Caswell 
Date:   Tue Aug 24 13:37:49 2021 +0100

Updates CHANGES.md and NEWS.md for new 1.1.1 release

Reviewed-by: Richard Levitte 

commit ad1ca777f9702f355a2f74dc5eed713476825f23
Author: Matt Caswell 
Date:   Fri Aug 13 16:58:21 2021 +0100

Check the plaintext buffer is large enough when decrypting SM2

Previously there was no check that the supplied buffer was large enough.
It was just assumed to be sufficient. Instead we should check and fail if
not.

Reviewed-by: Paul Dale 
Reviewed-by: Nicola Tuveri 

commit d07036b98d2ea8b3d9a93181bd8b0cb33a6c8ba1
Author: Matt Caswell 
Date:   Fri Aug 13 14:49:47 2021 +0100

Extend tests for SM2 decryption

Check the case where C1y < 32 bytes in length (i.e. short overhead), and
also the case with longer plaintext and C1x and C1y > 32 bytes in length
(i.e. long overhead)

Reviewed-by: Paul Dale 
Reviewed-by: Nicola Tuveri 

commit 36cf45ef3ba71e44a8be06ee81cb31aa02cb0010
Author: Matt Caswell 
Date:   Fri Aug 13 14:14:51 2021 +0100

Correctly calculate the length of SM2 plaintext given the ciphertext

Previously the length of the SM2 plaintext could be incorrectly calculated.
The plaintext length was calculated by taking the ciphertext length and
taking off an "overhead" value.

The overhead value was assumed to have a "fixed" element of 10 bytes.
This is incorrect since in some circumstances it can be more than 10 bytes.
Additionally the overhead included the length of two integers C1x and C1y,
which were assumed to be the same length as the field size (32 bytes for
the SM2 curve). However in some cases these integers can have an additional
padding byte when the msb is set, to disambiguate them from negative
integers. Additionally the integers can also be less than 32 bytes in
length in some cases.

If the calculated overhead is incorrect and larger than the actual value
this can result in the calculated plaintext length being too small.
Applications are likely to allocate buffer sizes based on this and therefore
a buffer overrun can occur.

CVE-2021-3711

Issue reported by John Ouyang.

Reviewed-by: Paul Dale 
Reviewed-by: Nicola Tuveri 

commit 4b8a8bb75229b64d1c7598d845fdc3c7e7d7eee2
Author: Matt Caswell 
Date:   Fri Aug 20 15:23:32 2021 +0100

Fix the error handling in i2v_AUTHORITY_KEYID

Previously if an error path is entered a leak could result.

Reviewed-by: Viktor Dukhovni 
Reviewed-by: Paul Dale 
Reviewed-by: David Benjamin 

commit e20fc2ee4fc90ac1476b3a9b15b37542bfb1af73
Author: Matt Caswell 
Date:   Thu Aug 19 15:25:04 2021 +0100

Allow fuzz builds to detect string overruns

If FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is defined then we don't NUL
terminate ASN1_STRING datatypes. This shouldn't be necessary but we add it
anyway for safety in normal builds.

Reviewed-by: Viktor Dukhovni 
Reviewed-by: Paul Dale 
Reviewed-by: David Benjamin 

commit 030c5aba94788f152f9ceef3549815df45bef702
Author: Matt Caswell 
Date:   Thu Aug 19 12:24:17 2021 +0100

Fix EC_GROUP_new_from_ecparameters to check the base length

Check that there's at least one byte in params->base before trying to
read it.

CVE-2021-3712

Reviewed-by: Viktor Dukhovni 
Reviewed-by: Paul Dale 
Reviewed-by: David Benjamin 

commit 7c038a6bcd98d4bbfd2c2892a87a1138d2f7c5f3
Author: Matt Caswell 
Date:   Thu Aug 19 12:23:38 2021 +0100

Fix NETSCAPE_SPKI_print function to not assume NUL terminated strings

ASN.1 strings may not be NUL terminated. Don't assume they are.

CVE-2021-3712
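
The SM2 length miscalculation described in the CVE-2021-3711 commit messages above (the same text appears in the OpenSSL_1_1_1-stable and master notifications), worked through in C as an added example that is not OpenSSL's code. It DER-encodes a ciphertext laid out as SEQUENCE { C1x INTEGER, C1y INTEGER, C3 OCTET STRING, C2 OCTET STRING }, which is the layout OpenSSL's SM2_Ciphertext template uses, from constructed filler bytes; recovers the plaintext length by parsing the encoding; and compares that with the pre-fix estimate of "10 fixed bytes plus two field-size integers plus the hash". All function names, the 32-byte field and SM3 sizes and the three sample cases are this example's own assumptions.

```c
/* Added example, not OpenSSL code. An SM2 ciphertext is DER-encoded as
 *   SEQUENCE { C1x INTEGER, C1y INTEGER, C3 OCTET STRING, C2 OCTET STRING }
 * so the plaintext length is C2's content length and should be parsed from
 * the encoding: DER INTEGERs drop leading zero bytes and gain a 0x00 sign pad
 * when the top bit is set, and lengths >= 128 need a longer length field, so
 * no fixed "overhead" is ever right. All sample bytes below are filler. */
#include <stdio.h>
#include <string.h>

#define FIELD_LEN 32   /* SM2 field size in bytes (assumed) */
#define HASH_LEN  32   /* SM3 digest length, the size of C3 (assumed) */

/* DER length field for lengths below 65536; returns bytes written. */
static size_t put_len(unsigned char *out, size_t len)
{
    if (len < 0x80) { out[0] = (unsigned char)len; return 1; }
    if (len < 0x100) { out[0] = 0x81; out[1] = (unsigned char)len; return 2; }
    out[0] = 0x82; out[1] = (unsigned char)(len >> 8); out[2] = (unsigned char)len;
    return 3;
}

/* Tag, length, optional 0x00 sign pad, content; returns bytes written. */
static size_t put_tlv(unsigned char *out, unsigned char tag, int pad,
                      const unsigned char *c, size_t n)
{
    size_t p = 1;
    out[0] = tag;
    p += put_len(out + p, n + pad);
    if (pad) out[p++] = 0x00;
    memcpy(out + p, c, n);
    return p + n;
}

/* DER INTEGER of a big-endian magnitude: minimal, sign-padded if needed. */
static size_t put_int(unsigned char *out, const unsigned char *mag, size_t n)
{
    while (n > 1 && mag[0] == 0) { mag++; n--; }
    return put_tlv(out, 0x02, (mag[0] & 0x80) != 0, mag, n);
}

/* Encode a ciphertext from its parts; returns the total length (0 if the
 * plaintext is too long for the scratch buffer). */
size_t sm2_ct_encode(unsigned char *out, const unsigned char *c1x,
                     const unsigned char *c1y, const unsigned char *c3,
                     const unsigned char *c2, size_t pt_len)
{
    unsigned char body[1024];
    size_t b;
    if (pt_len > 900) return 0;
    b = put_int(body, c1x, FIELD_LEN);
    b += put_int(body + b, c1y, FIELD_LEN);
    b += put_tlv(body + b, 0x04, 0, c3, HASH_LEN);
    b += put_tlv(body + b, 0x04, 0, c2, pt_len);
    return put_tlv(out, 0x30, 0, body, b);
}

/* Read a TLV header from in[0..n); returns its size, or 0 if it is malformed
 * or the content would run past n. Long forms beyond two bytes are rejected. */
static size_t get_tlv(const unsigned char *in, size_t n, unsigned char *tag,
                      size_t *len)
{
    size_t p = 2;
    if (n < 2) return 0;
    *tag = in[0];
    if (in[1] < 0x80) *len = in[1];
    else if (in[1] == 0x81 && n >= 3) { *len = in[2]; p = 3; }
    else if (in[1] == 0x82 && n >= 4) { *len = ((size_t)in[2] << 8) | in[3]; p = 4; }
    else return 0;
    return *len <= n - p ? p : 0;
}

/* Plaintext length = C2 content length, found by walking the SEQUENCE;
 * -1 if the structure is malformed or truncated. */
long sm2_pt_len_parsed(const unsigned char *ct, size_t ct_len)
{
    static const unsigned char want[4] = { 0x02, 0x02, 0x04, 0x04 };
    unsigned char tag;
    size_t len, h, rem;
    const unsigned char *p;
    if ((h = get_tlv(ct, ct_len, &tag, &len)) == 0 || tag != 0x30 || h + len != ct_len)
        return -1;
    p = ct + h; rem = len;
    for (int i = 0; i < 4; i++) {
        if ((h = get_tlv(p, rem, &tag, &len)) == 0 || tag != want[i]) return -1;
        if (i == 3) return rem == h + len ? (long)len : -1;   /* nothing after C2 */
        p += h + len; rem -= h + len;
    }
    return -1;
}

/* The pre-fix estimate: 10 fixed bytes, two field-size integers, the hash. */
long sm2_pt_len_naive(size_t ct_len)
{
    return (long)ct_len - (10 + 2 * FIELD_LEN + HASH_LEN);
}

/* Constructed samples: 0 = both coordinates 32 bytes with top bit clear;
 * 1 = C1y has a leading zero byte (short overhead); 2 = both coordinates need
 * a sign pad and the plaintext forces long-form lengths (long overhead). */
size_t sample_ct(int scenario, unsigned char *ct)
{
    unsigned char x[FIELD_LEN], y[FIELD_LEN], c3[HASH_LEN], c2[200];
    memset(x, 0x41, sizeof x); memset(y, 0x42, sizeof y);
    memset(c3, 0x43, sizeof c3); memset(c2, 0x44, sizeof c2);
    if (scenario == 1) y[0] = 0x00;            /* C1y encodes as 31 bytes */
    if (scenario == 2) x[0] = y[0] = 0x80;     /* both need a sign pad */
    return sm2_ct_encode(ct, x, y, c3, c2, scenario == 2 ? 200 : 20);
}

int main(void)
{
    unsigned char ct[512];
    for (int i = 0; i < 3; i++) {
        size_t n = sample_ct(i, ct);
        printf("case %d: ct %zu bytes, parsed pt %ld, naive pt %ld\n", i, n,
               sm2_pt_len_parsed(ct, n), sm2_pt_len_naive(n));
    }
    return 0;
}
```

Case 1 is the dangerous direction the commit message names: C1y encodes one byte shorter than the field size, the assumed overhead is one byte larger than the real one, and the naive plaintext length (19) is one byte smaller than the true length (20), so a buffer sized from it is overrun by the decrypted data. Case 2 errs the other way (205 against 200) because both coordinates carry a sign pad and two length fields go to long form. Parsing the structure, and then checking the caller's buffer against the parsed length before writing into it, is what removes the guesswork.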

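The pattern behind the CVE-2021-3712 commits listed above ("... to not assume NUL terminated strings"), shown in C as an added example that is not OpenSSL's code. asn1_str_t is a constructed stand-in for the length/data pair of OpenSSL's ASN1_STRING, and the str_* helpers are this example's own: the unsafe variant measures with strlen, the safe variants are bounded by the length field. The sample value is constructed so that the unsafe read stays inside the array for the demonstration.

```c
/* Added example, not OpenSSL code. asn1_str_t is a constructed stand-in for
 * the length + data pair of OpenSSL's ASN1_STRING: a decoded ASN.1 string is
 * a byte array with an explicit length and no guaranteed terminator, so every
 * consumer must stop at `length`, never at the first 0x00. */
#include <stdio.h>
#include <string.h>

typedef struct {
    int length;            /* number of valid bytes in data */
    unsigned char *data;   /* not guaranteed to be NUL terminated */
} asn1_str_t;

/* Pre-fix pattern: treats data as a C string and reads until a 0x00, which
 * may lie beyond the end of the decoded value (a read overrun). */
size_t str_len_unsafe(const asn1_str_t *s)
{
    return strlen((const char *)s->data);
}

/* Fixed pattern: the length field bounds every access. */
size_t str_len_safe(const asn1_str_t *s)
{
    return s->length < 0 ? 0 : (size_t)s->length;
}

/* Length-bounded copy into a caller buffer, always NUL terminated;
 * returns 0 without writing if the value does not fit. */
int str_copy_safe(char *out, size_t outlen, const asn1_str_t *s)
{
    size_t n = str_len_safe(s);
    if (outlen == 0 || n > outlen - 1) return 0;
    memcpy(out, s->data, n);
    out[n] = '\0';
    return 1;
}

/* Length-bounded comparison with a C literal, e.g. when matching a name
 * constraint: the lengths must agree and the bytes must match. */
int str_equals_safe(const asn1_str_t *s, const char *lit)
{
    size_t n = strlen(lit);
    return str_len_safe(s) == n && memcmp(s->data, lit, n) == 0;
}

/* Constructed sample: a 3-byte value that sits directly in front of other
 * bytes, as a decoder that appends no terminator can leave it. The trailing
 * 0 keeps the unsafe strlen inside this array for the demonstration. */
static unsigned char sample_raw[] = { 'a', 'b', 'c', 'X', 'Y', 'Z', 0 };

asn1_str_t sample_value(void)
{
    asn1_str_t s = { 3, sample_raw };
    return s;
}

int main(void)
{
    asn1_str_t s = sample_value();
    char buf[16];
    printf("strlen-based length: %zu (read past the value)\n", str_len_unsafe(&s));
    printf("length-field length: %zu\n", str_len_safe(&s));
    if (str_copy_safe(buf, sizeof buf, &s)) printf("bounded copy: \"%s\"\n", buf);
    printf("equals \"abc\": %d, equals \"abcXYZ\": %d\n",
           str_equals_safe(&s, "abc"), str_equals_safe(&s, "abcXYZ"));
    printf("bounded print: \"%.*s\"\n", s.length, (const char *)s.data);
    return 0;
}
```

For printing, the `%.*s` form with the length field (or BIO_write / fwrite with an explicit count) is the direct replacement for `%s`; for comparisons, a length-prefixed memcmp also handles embedded 0x00 bytes correctly, which strcmp-style code cannot.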

Coverity Scan: Analysis completed for OpenSSL-1.0.2

2021-08-24 Thread scan-admin


Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
The results are available at 
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3D3LTw_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGSQ3fkuVTlkwCoeoKQr4tXj2851hUGWISNerNkA3sUSMADUzOVoUeBch9JqTqQL0t067ipdNrMWALvW0oz7tPDlbSMOfl3etfhkbp-2FwUaYRq6t9xYnmeiXjO9dh4A5PbJSMwdzf4tfcHkRiJIJiXRbDwACE8oT85dZECvfG-2BysZIpx9-2BoYRp4Bf-2ByXwFoFMRA-3D

Build ID: 403945

Analysis Summary:
   New defects found: 0
   Defects eliminated: 0



Coverity Scan: Analysis completed for openssl/openssl

2021-08-24 Thread scan-admin


Your request for analysis of openssl/openssl has been completed successfully.
The results are available at 
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3D1t3X_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeH1lnoohkQP6ujfHTYUc3szcBmix8EDU9jn1jB48z-2FNZoTm8KtHLD4MrTngv3XmAXiSb4cHlz-2FnUgcCZpMmh-2F-2FbogqhT5SnqvOHOrmMbt0jSzsdOUwkOw1vJNNricYa8OBEfxzPLhlPRXifdEIa6nsY0WA2-2BIJ1xVRh-2FvkE87jBiIKMsZm-2BLi1gATgi9nHRHXs-3D

Build ID: 403941

Analysis Summary:
   New defects found: 0
   Defects eliminated: 0