CVS commit: [netbsd-5-0] src/crypto/dist/openssl/engines/ccgost

Wed, 25 Jan 2012 12:32:17 -0800 

Module Name:    src
Committed By:   riz
Date:           Wed Jan 25 20:32:10 UTC 2012

Modified Files:
        src/crypto/dist/openssl/engines/ccgost [netbsd-5-0]: gost2001_keyx.c
            gost94_keyx.c

Log Message:
Apply patch (requested by drochner in ticket #1711):
crypto/dist/openssl/engines/ccgost/gost2001_keyx.c      patch
crypto/dist/openssl/engines/ccgost/gost94_keyx.c        patch

        Address CVE-2011-4109.
        [drochner, ticket #1712]


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.12.1 \
    src/crypto/dist/openssl/engines/ccgost/gost2001_keyx.c \
    src/crypto/dist/openssl/engines/ccgost/gost94_keyx.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/crypto/dist/openssl/engines/ccgost/gost2001_keyx.c
diff -u src/crypto/dist/openssl/engines/ccgost/gost2001_keyx.c:1.1.1.1 src/crypto/dist/openssl/engines/ccgost/gost2001_keyx.c:1.1.1.1.12.1
--- src/crypto/dist/openssl/engines/ccgost/gost2001_keyx.c:1.1.1.1	Fri May  9 21:34:42 2008
+++ src/crypto/dist/openssl/engines/ccgost/gost2001_keyx.c	Wed Jan 25 20:32:10 2012
@@ -253,6 +253,10 @@ int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *
 	}	
 		
 	param = get_encryption_params(gkt->key_agreement_info->cipher);
+	if(!param){
+	    goto err;
+	}
+
 	gost_init(&ctx,param->sblock);	
 	OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8);
 	memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8);
Index: src/crypto/dist/openssl/engines/ccgost/gost94_keyx.c
diff -u src/crypto/dist/openssl/engines/ccgost/gost94_keyx.c:1.1.1.1 src/crypto/dist/openssl/engines/ccgost/gost94_keyx.c:1.1.1.1.12.1
--- src/crypto/dist/openssl/engines/ccgost/gost94_keyx.c:1.1.1.1	Fri May  9 21:34:42 2008
+++ src/crypto/dist/openssl/engines/ccgost/gost94_keyx.c	Wed Jan 25 20:32:10 2012
@@ -237,6 +237,10 @@ int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *
 
 
 	param = get_encryption_params(gkt->key_agreement_info->cipher);
+	if(!param){
+	    goto err;
+	}
+
 	gost_init(&cctx,param->sblock);	
 	OPENSSL_assert(gkt->key_agreement_info->eph_iv->length==8);
 	memcpy(wrappedKey,gkt->key_agreement_info->eph_iv->data,8);

Reply via email to