mirror of https://git.FreeBSD.org/src.git synced 2024-10-18 02:19:39 +00:00
freebsd/crypto
Viktor Dukhovni e60dbfd00b
Avoid type errors in EAI-related name check logic.
The incorrectly typed data is read only, used in a compare operation, so
neither remote code execution, nor memory content disclosure were possible.
However, applications performing certificate name checks were vulnerable to
denial of service.

The GENERAL_TYPE data type is a union, and we must take care to access the
correct member, based on `gen->type`, not all the member fields have the same
structure, and a segfault is possible if the wrong member field is read.

The code in question was lightly refactored with the intent to make it more
obviously correct.

CVE-2024-6119

(cherry picked from commit 1486960d6cdb052e4fc0109a56a0597b4e902ba1)
2024-09-01 15:50:31 -07:00
aes Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
aria openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
asn1 OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
async OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
bf openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
bio Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
bn Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
buffer openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
camellia openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
cast openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
chacha openssl: Vendor import of OpenSSL 3.0.11 2023-09-22 11:55:26 -04:00
cmac openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
cmp openssl: Vendor import of OpenSSL 3.0.11 2023-09-22 11:55:26 -04:00
cms OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
comp openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
conf OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
crmf openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
ct openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
des openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
dh OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
dsa Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
dso OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
ec Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
encode_decode Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
engine Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
err Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
ess Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
evp Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
ffc OpenSSL: Vendor import of OpenSSL 3.0.12 2023-10-24 13:48:36 -04:00
hmac openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
http OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
idea openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
kdf openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
lhash OpenSSL: Vendor import of OpenSSL 3.0.12 2023-10-24 13:48:36 -04:00
md2 openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
md4 openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
md5 openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
mdc2 openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
modes OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
objects OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
ocsp openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
pem openssl: Vendor import of OpenSSL 3.0.11 2023-09-22 11:55:26 -04:00
perlasm OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
pkcs7 OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
pkcs12 OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
poly1305 OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
property Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
rand openssl: Vendor import of OpenSSL-3.0.9 2023-08-02 21:09:39 -04:00
rc2 openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
rc4 openssl: Vendor import of OpenSSL-3.0.9 2023-08-02 21:09:39 -04:00
rc5 openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
ripemd openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
rsa OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
seed openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
sha Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
siphash openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
sm2 Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
sm3 openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
sm4 openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
srp openssl: Vendor import of OpenSSL 3.0.11 2023-09-22 11:55:26 -04:00
stack openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
store openssl: Vendor import of OpenSSL 3.0.11 2023-09-22 11:55:26 -04:00
ts openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
txt_db openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
ui openssl: Vendor import of OpenSSL-3.0.9 2023-06-23 09:13:27 -04:00
whrlpool openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
x509 Avoid type errors in EAI-related name check logic. 2024-09-01 15:50:31 -07:00
alphacpuid.pl OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
arm64cpuid.pl openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
arm_arch.h OpenSSL: Vendor import of OpenSSL 3.0.12 2023-10-24 13:48:36 -04:00
armcap.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
armv4cpuid.pl openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
asn1_dsa.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
bsearch.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
build.info OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
c64xpluscpuid.pl openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
context.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
core_algorithm.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
core_fetch.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
core_namemap.c openssl: Vendor import of OpenSSL-3.0.9 2023-08-02 21:09:39 -04:00
cpt_err.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
cpuid.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
cryptlib.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
ctype.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
cversion.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
der_writer.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
dllmain.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
ebcdic.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
ex_data.c OpenSSL: Vendor import of OpenSSL 3.0.12 2023-10-24 13:48:36 -04:00
getenv.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
ia64cpuid.S openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
info.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
init.c Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
initthread.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
LPdir_nyi.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
LPdir_unix.c openssl: Vendor import of OpenSSL-3.0.9 2023-08-02 21:09:39 -04:00
LPdir_vms.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
LPdir_win32.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
LPdir_win.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
LPdir_wince.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
mem_clr.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
mem_sec.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
mem.c OpenSSL: Vendor import of OpenSSL 3.0.12 2023-10-24 13:48:36 -04:00
mips_arch.h openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
o_dir.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
o_fopen.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
o_init.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
o_str.c Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
o_time.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
packet.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
param_build_set.c OpenSSL: Vendor import of OpenSSL 3.0.12 2023-10-24 13:48:36 -04:00
param_build.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
params_dup.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
params_from_text.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
params.c openssl: Vendor import of OpenSSL-3.0.9 2023-08-02 21:09:39 -04:00
pariscid.pl openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
passphrase.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
ppccap.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
ppccpuid.pl openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
provider_child.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
provider_conf.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
provider_core.c Import OpenSSL 3.0.14 2024-06-20 16:24:17 -07:00
provider_local.h openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
provider_predefined.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
provider.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
punycode.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
README-sparse_array.md openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
s390x_arch.h openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
s390xcap.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
s390xcpuid.pl openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
self_test_core.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
sparccpuid.S openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
sparcv9cap.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
sparse_array.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
threads_lib.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
threads_none.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
threads_pthread.c openssl: Vendor import of OpenSSL 3.0.11 2023-09-22 11:55:26 -04:00
threads_win.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02 01:48:38 -08:00
trace.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
uid.c openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
vms_rms.h openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
x86_64cpuid.pl openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00
x86cpuid.pl openssl: Vendor import of OpenSSL-3.0.8 2023-03-06 12:41:29 -08:00