73840139ff
CVE-2023-3446、CVE-2023-3817、CVE-2024-0727、CVE-2023-2975、CVE-2023-6129 Signed-off-by: yexiao <yexiao7@huawei.com>
40 lines
1.6 KiB
Diff
40 lines
1.6 KiB
Diff
From 66ed0773fff248363b63273f78de8fe6da87a8b4 Mon Sep 17 00:00:00 2001
|
|
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
|
|
Date: Sun, 23 Jul 2023 14:27:54 +0200
|
|
Subject: [PATCH 5/9] Make DH_check set some error bits in recently added error
|
|
|
|
The pre-existing error cases where DH_check returned zero
|
|
are not related to the dh params in any way, but are only
|
|
triggered by out-of-memory errors, therefore having *ret
|
|
set to zero feels right, but since the new error case is
|
|
triggered by too large p values that is something different.
|
|
On the other hand some callers of this function might not
|
|
be prepared to handle the return value correctly but only
|
|
rely on *ret. Therefore we set some error bits in *ret as
|
|
additional safety measure.
|
|
|
|
Reviewed-by: Paul Dale <pauli@openssl.org>
|
|
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
|
|
|
reference: https://github.com/openssl/openssl/pull/21524
|
|
Signed-off-by: yexiao <yexiao7@huawei.com>
|
|
---
|
|
CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_check.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_check.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_check.c
|
|
index 84a92699..aef6f9b1 100644
|
|
--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_check.c
|
|
+++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_check.c
|
|
@@ -155,6 +155,7 @@ int DH_check(const DH *dh, int *ret)
|
|
/* Don't do any checks at all with an excessively large modulus */
|
|
if (BN_num_bits(dh->params.p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {
|
|
ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE);
|
|
+ *ret = DH_MODULUS_TOO_LARGE | DH_CHECK_P_NOT_PRIME;
|
|
return 0;
|
|
}
|
|
|
|
--
|
|
2.33.0
|
|
|