Fix CVE-2024-5535

Signed-off-by: ShenYage <shenyage1@huawei.com>
2024-07-11 15:09:15 +08:00 · 2024-07-11 15:09:15 +08:00 · f14a124daa
commit f14a124daa
parent 17252e229f
3 changed files with 1962 additions and 1 deletions
--- a/0047-Fix-SSL_select_next_proto-and-add-ALPN-validation-in.patch
+++ b/0047-Fix-SSL_select_next_proto-and-add-ALPN-validation-in.patch
@ -0,0 +1,168 @@
+From a884f9179dd4778a165204cc3f77cf8e593912d1 Mon Sep 17 00:00:00 2001
+From: xuhuiyue <xuhuiyue@huawei.com>
+Date: Fri, 28 Jun 2024 17:31:29 +0800
+Subject: [PATCH 1/2] Fix SSL_select_next_proto and add ALPN validation in the
+ client
+
+Fix CVE-2024-5535.
+
+Signed-off-by: xuhuiyue <xuhuiyue@huawei.com>
+---
+ .../Library/OpensslLib/openssl/ssl/ssl_lib.c  | 63 ++++++++++++-------
+ .../openssl/ssl/statem/extensions_clnt.c      | 27 +++++++-
+ .../openssl/ssl/statem/extensions_srvr.c      |  3 +-
+ 3 files changed, 68 insertions(+), 25 deletions(-)
+
+diff --git a/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_lib.c b/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_lib.c
+index 35420eb..5d57f5d 100644
+--- a/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_lib.c
+++ b/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_lib.c
+@@ -2933,37 +2933,54 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           unsigned int server_len,
+                           const unsigned char *client, unsigned int client_len)
+ {
+-    unsigned int i, j;
+-    const unsigned char *result;
+-    int status = OPENSSL_NPN_UNSUPPORTED;
+    PACKET cpkt, csubpkt, spkt, ssubpkt;
+
+    if (!PACKET_buf_init(&cpkt, client, client_len)
+            || !PACKET_get_length_prefixed_1(&cpkt, &csubpkt)
+            || PACKET_remaining(&csubpkt) == 0) {
+        *out = NULL;
+        *outlen = 0;
+        return OPENSSL_NPN_NO_OVERLAP;
+    }
+
+    /*
+     * Set the default opportunistic protocol. Will be overwritten if we find
+     * a match.
+     */
+    *out = (unsigned char *)PACKET_data(&csubpkt);
+    *outlen = (unsigned char)PACKET_remaining(&csubpkt);
+ 
+     /*
+      * For each protocol in server preference order, see if we support it.
+      */
+-    for (i = 0; i < server_len;) {
+-        for (j = 0; j < client_len;) {
+-            if (server[i] == client[j] &&
+-                memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
+-                /* We found a match */
+-                result = &server[i];
+-                status = OPENSSL_NPN_NEGOTIATED;
+-                goto found;
+    if (PACKET_buf_init(&spkt, server, server_len)) {
+        while (PACKET_get_length_prefixed_1(&spkt, &ssubpkt)) {
+            if (PACKET_remaining(&ssubpkt) == 0)
+                continue; /* Invalid - ignore it */
+            if (PACKET_buf_init(&cpkt, client, client_len)) {
+                while (PACKET_get_length_prefixed_1(&cpkt, &csubpkt)) {
+                    if (PACKET_equal(&csubpkt, PACKET_data(&ssubpkt),
+                                     PACKET_remaining(&ssubpkt))) {
+                        /* We found a match */
+                        *out = (unsigned char *)PACKET_data(&ssubpkt);
+                        *outlen = (unsigned char)PACKET_remaining(&ssubpkt);
+                        return OPENSSL_NPN_NEGOTIATED;
+                    }
+                }
+                /* Ignore spurious trailing bytes in the client list */
+            } else {
+                /* This should never happen */
+                return OPENSSL_NPN_NO_OVERLAP;
+             }
+-            j += client[j];
+-            j++;
+         }
+-        i += server[i];
+-        i++;
+        /* Ignore spurious trailing bytes in the server list */
+     }
+ 
+-    /* There's no overlap between our protocols and the server's list. */
+-    result = client;
+-    status = OPENSSL_NPN_NO_OVERLAP;
+-
+- found:
+-    *out = (unsigned char *)result + 1;
+-    *outlen = result[0];
+-    return status;
+    /*
+     * There's no overlap between our protocols and the server's list. We use
+     * the default opportunistic protocol selected earlier
+     */
+    return OPENSSL_NPN_NO_OVERLAP;
+ }
+ 
+ #ifndef OPENSSL_NO_NEXTPROTONEG
+diff --git a/CryptoPkg/Library/OpensslLib/openssl/ssl/statem/extensions_clnt.c b/CryptoPkg/Library/OpensslLib/openssl/ssl/statem/extensions_clnt.c
+index 842be07..614635b 100644
+--- a/CryptoPkg/Library/OpensslLib/openssl/ssl/statem/extensions_clnt.c
+++ b/CryptoPkg/Library/OpensslLib/openssl/ssl/statem/extensions_clnt.c
+@@ -1536,7 +1536,8 @@ int tls_parse_stoc_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+                                   PACKET_data(pkt),
+                                   PACKET_remaining(pkt),
+                                   s->ctx->ext.npn_select_cb_arg) !=
+-             SSL_TLSEXT_ERR_OK) {
+                                  SSL_TLSEXT_ERR_OK
+            || selected_len == 0) {
+         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_BAD_EXTENSION);
+         return 0;
+     }
+@@ -1565,6 +1566,8 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+                         size_t chainidx)
+ {
+     size_t len;
+    PACKET confpkt, protpkt;
+    int valid = 0;
+ 
+     /* We must have requested it. */
+     if (!s->s3.alpn_sent) {
+@@ -1583,6 +1586,28 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION);
+         return 0;
+     }
+
+    /* It must be a protocol that we sent */
+    if (!PACKET_buf_init(&confpkt, s->ext.alpn, s->ext.alpn_len)) {
+        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN, ERR_R_INTERNAL_ERROR);
+        return 0;
+    }
+    while (PACKET_get_length_prefixed_1(&confpkt, &protpkt)) {
+        if (PACKET_remaining(&protpkt) != len)
+            continue;
+        if (memcmp(PACKET_data(pkt), PACKET_data(&protpkt), len) == 0) {
+            /* Valid protocol found */
+            valid = 1;
+            break;
+        }
+    }
+
+    if (!valid) {
+        /* The protocol sent from the server does not match one we advertised */
+        SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_STOC_ALPN, SSL_R_BAD_EXTENSION);
+        return 0;
+    }
+
+     OPENSSL_free(s->s3.alpn_selected);
+     s->s3.alpn_selected = OPENSSL_malloc(len);
+     if (s->s3.alpn_selected == NULL) {
+diff --git a/CryptoPkg/Library/OpensslLib/openssl/ssl/statem/extensions_srvr.c b/CryptoPkg/Library/OpensslLib/openssl/ssl/statem/extensions_srvr.c
+index 16765a5..a2d22d0 100644
+--- a/CryptoPkg/Library/OpensslLib/openssl/ssl/statem/extensions_srvr.c
+++ b/CryptoPkg/Library/OpensslLib/openssl/ssl/statem/extensions_srvr.c
+@@ -1471,9 +1471,10 @@ EXT_RETURN tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt,
+             return EXT_RETURN_FAIL;
+         }
+         s->s3.npn_seen = 1;
+        return EXT_RETURN_SENT;
+     }
+ 
+-    return EXT_RETURN_SENT;
+    return EXT_RETURN_NOT_SENT;
+ }
+ #endif
+ 
+-- 
+2.33.0
+
--- a/0048-Add-a-test-for-ALPN-and-NPN.patch
+++ b/0048-Add-a-test-for-ALPN-and-NPN.patch
--- a/edk2.spec
+++ b/edk2.spec
@ -7,7 +7,7 @@

 Name: edk2
 Version: %{stable_date}
-Release: 8
+Release: 9
 Summary: EFI Development Kit II
 License: BSD-2-Clause-Patent and OpenSSL and MIT 
 URL: https://github.com/tianocore/edk2
@ -72,6 +72,10 @@ patch45: 0045-Limit-the-execution-time-of-RSA-public-key-check.patch
 # Fix CVE-2024-1298
 patch46: 0046-MdeModulePkg-Potential-UINT32-overflow-in-S3-ResumeC.patch

+# Fix CVE-2024-5535
+patch47: 0047-Fix-SSL_select_next_proto-and-add-ALPN-validation-in.patch
+patch48: 0048-Add-a-test-for-ALPN-and-NPN.patch
+
 BuildRequires: acpica-tools gcc gcc-c++ libuuid-devel python3 bc nasm python3-unversioned-command isl 

 %description
@ -310,6 +314,9 @@ chmod +x %{buildroot}%{_bindir}/Rsa2048Sha256GenerateKeys
 %endif

 %changelog
+* Thu Jul 11 2024 shenyage<shenyage1@huawei.com> - 202308-9
+- fix CVE-2024-5535
+
 * Tue Jun 11 2024 shenyage<shenyage1@huawei.com> - 202308-8
 - fix CVE-2024-1298