Search
j0ke.net Open Build Service
>
Projects
>
home:netmax
:
monitoring
>
openssl1
> openssl-CVE-2015-1788.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File openssl-CVE-2015-1788.patch of Package openssl1
commit 4924b37ee01f71ae19c94a8934b80eeb2f677932 Author: Andy Polyakov <appro@openssl.org> Date: Thu Jun 11 00:18:01 2015 +0200 bn/bn_gf2m.c: avoid infinite loop wich malformed ECParamters. CVE-2015-1788 Reviewed-by: Matt Caswell <matt@openssl.org> Index: openssl-1.0.1i/crypto/bn/bn_gf2m.c =================================================================== --- openssl-1.0.1i.orig/crypto/bn/bn_gf2m.c 2015-06-12 09:46:24.360586854 +0200 +++ openssl-1.0.1i/crypto/bn/bn_gf2m.c 2015-06-12 09:48:11.218840146 +0200 @@ -568,9 +568,10 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIG } #else { - int i, ubits = BN_num_bits(u), - vbits = BN_num_bits(v), /* v is copy of p */ - top = p->top; + int i; + int ubits = BN_num_bits(u); + int vbits = BN_num_bits(v); /* v is copy of p */ + int top = p->top; BN_ULONG *udp,*bdp,*vdp,*cdp; bn_wexpand(u,top); udp = u->d; @@ -611,7 +612,12 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIG ubits--; } - if (ubits<=BN_BITS2 && udp[0]==1) break; + if (ubits <= BN_BITS2) { + if (udp[0] == 0) /* poly was reducible */ + goto err; + if (udp[0] == 1) + break; + } if (ubits<vbits) {