mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-03 05:41:46 +08:00
Code Issues Packages Projects Releases Wiki Activity
8a5d8bc4bc
openssl/crypto/evp
History
Dr. Matthias St. Pierre d070b4ae78 bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data 
Fixes #5405, #1381

The base64 filter BIO reads its input in chunks of B64_BLOCK_SIZE bytes.
When processing input in PEM format it can happen in rare cases that

- the trailing PEM marker crosses the boundary of a chunk, and
- the beginning of the following chunk contains valid base64 encoded data.

This happened in issue #5405, where the PEM marker was split into
"-----END CER" and "TIFICATE-----" at the end of the first chunk.

The decoding of the first chunk terminated correctly at the '-' character,
which is treated as an EOF marker, and b64_read() returned. However,
when called the second time, b64_read() read the next chunk and interpreted
the string "TIFICATE" as valid base64 encoded data, adding 6 extra bytes
'4c 81 48 08 04 c4'.

This patch restores the assignment of the error code to 'ctx->cont', which
was deleted accidentally in commit 5562cfaca4 and which prevents b64_read()
from reading additional data on subsequent calls.

This issue was observed and reported by Annie Yousar.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5422)
2018-02-27 18:38:33 +01:00
..
bio_b64.c bio_b64.c: prevent base64 filter BIO from decoding out-of-bound data 2018-02-27 18:38:33 +01:00
bio_enc.c Fix invalid function type casts. 2017-12-15 19:33:48 +01:00
bio_md.c Fix invalid function type casts. 2017-12-15 19:33:48 +01:00
bio_ok.c Fix invalid function type casts. 2017-12-15 19:33:48 +01:00
build.info
c_allc.c
c_alld.c SHA512/224 and SHA512/256 2018-01-24 07:09:46 +10:00
cmeth_lib.c
digest.c
e_aes_cbc_hmac_sha1.c
e_aes_cbc_hmac_sha256.c
e_aes.c Fix some bugs with the cfb1 bitsize handling 2018-02-23 14:10:46 +01:00
e_aria.c
e_bf.c
e_camellia.c Update copyright year 2018-02-27 13:59:42 +00:00
e_cast.c
e_chacha20_poly1305.c
e_des3.c
e_des.c
e_idea.c
e_null.c
e_old.c
e_rc2.c
e_rc4_hmac_md5.c
e_rc4.c
e_rc5.c
e_seed.c
e_sm4.c
e_xcbc_d.c
encode.c
evp_cnf.c
evp_enc.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
evp_err.c Have EVP_PKEY_asn1_find_str() work more like EVP_PKEY_asn1_find() 2018-01-23 20:27:32 +01:00
evp_key.c
evp_lib.c
evp_locl.h
evp_pbe.c
evp_pkey.c
m_md2.c
m_md4.c
m_md5_sha1.c
m_md5.c
m_mdc2.c
m_null.c
m_ripemd.c
m_sha1.c Avoid fragile aliasing of SHA224/384 update/final 2018-02-13 23:27:51 -05:00
m_sha3.c
m_sigver.c
m_wp.c
names.c
p5_crpt2.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
p5_crpt.c
p_dec.c
p_enc.c
p_lib.c
p_open.c
p_seal.c
p_sign.c
p_verify.c
pbe_scrypt.c
pmeth_fn.c
pmeth_gn.c
pmeth_lib.c