packages/libtasn1
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:6d9fbcbc634a4cc42f662f5565a368d4098dc2d9
Branches Tags
packages:main
...
compare: packages:b082644003dfce6294a83c74c67bf569c82bd857
Branches Tags
packages:main

10 Commits
6d9fbcbc63 ... b082644003

Author SHA1 Message Date
openeuler-ci-bot
b082644003
!32 [sync] PR-29: fix CVE-2024-12133 
From: @openeuler-sync-bot 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee
 2025-02-08 03:19:31 +00:00
Funda Wang
7695a8faa5 fix CVE-2024-12133 
(cherry picked from commit 39be757d5a23e9b43c6da69675a49e214b51e511)
 2025-02-08 10:40:48 +08:00
openeuler-ci-bot
6d034beea0
!24 【Mainline】Update to 4.19.0 
From: @yixiangzhike 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee
 2023-07-17 01:29:57 +00:00
yixiangzhike
dcd7985e59 Update to 4.19.0 2023-07-13 15:24:13 +08:00
openeuler-ci-bot
78981503d6
!19 【Mainline】fix CVE-2021-46848 
From: @yixiangzhike 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee
 2022-10-25 08:19:53 +00:00
yixiangzhike
0affd06260 fix CVE-2021-46848 
Signed-off-by: yixiangzhike <yixiangzhike007@163.com>
 2022-10-25 10:38:30 +08:00
openeuler-ci-bot
da395be32e
!16 【轻量级 PR】:fix bogus date 
From: @zhangshaoning_uniontech 
Reviewed-by: @xiezhipeng1 
Signed-off-by: @xiezhipeng1
 2022-06-13 06:10:52 +00:00
zhangshaoning
50c0123333
fix bogus date 
fix bogus date
 2022-06-13 05:38:38 +00:00
openeuler-ci-bot
e94cdfb3bc
!13 【Mainline】fix fuzz issues 
From: @yixiangzhike 
Reviewed-by: @overweight 
Signed-off-by: @overweight
 2022-05-30 11:15:26 +00:00
yixiangzhike
9dfd20aadd fix fuzz issues 
Signed-off-by: yixiangzhike <yixiangzhike007@163.com>
 2022-05-28 12:01:41 +08:00
8 changed files with 387 additions and 15 deletions
Show Stats Expand all files Collapse all files

39
backport-CVE-2024-12133-part1.patch Normal file
View File

@ -0,0 +1,39 @@
From 4082ca2220b5ba910b546afddf7780fc4a51f75a Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Sat, 19 Oct 2024 02:47:04 +0900
Subject: [PATCH] asn1_der_decoding2: optimize _asn1_find_up call with node
cache
If we are parsing a sequence or set and the current node is a direct
child of it, there is no need to traverse the list back to the
leftmost one as we have a node cache.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Simon Josefsson <simon@josefsson.org>
---
lib/decoding.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/lib/decoding.c b/lib/decoding.c
index d2f6dea..1e0fcb3 100644
--- a/lib/decoding.c
+++ b/lib/decoding.c
@@ -1570,7 +1570,14 @@ asn1_der_decoding2 (asn1_node *element, const void *ider, int *max_ider_len,
move = UP;
}
if (move == UP)
- p = _asn1_find_up (p);
+ {
+ /* If we are parsing a sequence or set and p is a direct
+ child of it, no need to traverse the list back to the leftmost node. */
+ if (tcache.tail == p)
+ p = tcache.head;
+ else
+ p = _asn1_find_up (p);
+ }
}
_asn1_delete_not_used (*element);
--
GitLab

231
backport-CVE-2024-12133-part2.patch Normal file
View File

@ -0,0 +1,231 @@
From 869a97aa259dffa2620dabcad84e1c22545ffc3d Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Fri, 8 Nov 2024 16:05:32 +0900
Subject: [PATCH] asn1_find_node: optimize "?NUMBER" node lookup with indexing
To avoid linear search of named nodes, this adds a array of child
nodes to their parent nodes as a cache.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Signed-off-by: Simon Josefsson <simon@josefsson.org>
---
lib/element.c | 56 ++++++++++++++++++++++++++++++++++++++++++------
lib/element.h | 10 +++++++++
lib/int.h | 8 +++++++
lib/parser_aux.c | 10 +++++++++
lib/structure.c | 13 +++++++++++
5 files changed, 90 insertions(+), 7 deletions(-)
diff --git a/lib/element.c b/lib/element.c
index 850bef4a..528df418 100644
--- a/lib/element.c
+++ b/lib/element.c
@@ -33,6 +33,8 @@
#include "structure.h"
#include "c-ctype.h"
#include "element.h"
+#include <limits.h>
+#include "intprops.h"
void
_asn1_hierarchical_name (asn1_node_const node, char *name, int name_size)
@@ -129,6 +131,41 @@ _asn1_convert_integer (const unsigned char *value, unsigned char *value_out,
return ASN1_SUCCESS;
}
+int
+_asn1_node_array_set (struct asn1_node_array_st *array, size_t position,
+ asn1_node node)
+{
+ if (position >= array->size)
+ {
+ size_t new_size = position, i;
+ asn1_node *new_nodes;
+
+ if (INT_MULTIPLY_OVERFLOW (new_size, 2))
+ return ASN1_GENERIC_ERROR;
+ new_size *= 2;
+
+ if (INT_ADD_OVERFLOW (new_size, 1))
+ return ASN1_GENERIC_ERROR;
+ new_size += 1;
+
+ if (INT_MULTIPLY_OVERFLOW (new_size, sizeof (*new_nodes)))
+ return ASN1_GENERIC_ERROR;
+
+ new_nodes = realloc (array->nodes, new_size * sizeof (*new_nodes));
+ if (!new_nodes)
+ return ASN1_MEM_ALLOC_ERROR;
+
+ for (i = array->size; i < new_size; i++)
+ new_nodes[i] = NULL;
+
+ array->nodes = new_nodes;
+ array->size = new_size;
+ }
+
+ array->nodes[position] = node;
+ return ASN1_SUCCESS;
+}
+
/* Appends a new element into the sequence (or set) defined by this
* node. The new element will have a name of '?number', where number
* is a monotonically increased serial number.
@@ -145,6 +182,7 @@ _asn1_append_sequence_set (asn1_node node, struct node_tail_cache_st *pcache)
asn1_node p, p2;
char temp[LTOSTR_MAX_SIZE + 1];
long n;
+ int result;
if (!node || !(node->down))
return ASN1_GENERIC_ERROR;
@@ -177,17 +215,21 @@ _asn1_append_sequence_set (asn1_node node, struct node_tail_cache_st *pcache)
pcache->tail = p2;
}
- if (p->name[0] == 0)
- _asn1_str_cpy (temp, sizeof (temp), "?1");
- else
+ n = 0;
+ if (p->name[0] != 0)
{
- n = strtol (p->name + 1, NULL, 0);
- n++;
- temp[0] = '?';
- _asn1_ltostr (n, temp + 1);
+ n = strtol (p->name + 1, NULL, 10);
+ if (n <= 0 || n >= LONG_MAX - 1)
+ return ASN1_GENERIC_ERROR;
}
+ temp[0] = '?';
+ _asn1_ltostr (n + 1, temp + 1);
_asn1_set_name (p2, temp);
/* p2->type |= CONST_OPTION; */
+ result = _asn1_node_array_set (&node->numbered_children, n, p2);
+ if (result != ASN1_SUCCESS)
+ return result;
+ p2->parent = node;
return ASN1_SUCCESS;
}
diff --git a/lib/element.h b/lib/element.h
index 732054e9..b84e3a27 100644
--- a/lib/element.h
+++ b/lib/element.h
@@ -38,4 +38,14 @@ int _asn1_convert_integer (const unsigned char *value,
void _asn1_hierarchical_name (asn1_node_const node, char *name,
int name_size);
+static inline asn1_node_const
+_asn1_node_array_get (const struct asn1_node_array_st *array, size_t position)
+{
+ return position < array->size ? array->nodes[position] : NULL;
+}
+
+int
+_asn1_node_array_set (struct asn1_node_array_st *array, size_t position,
+ asn1_node node);
+
#endif
diff --git a/lib/int.h b/lib/int.h
index 4f2d98d1..41b12b0b 100644
--- a/lib/int.h
+++ b/lib/int.h
@@ -31,6 +31,12 @@
# define ASN1_SMALL_VALUE_SIZE 16
+struct asn1_node_array_st
+{
+ asn1_node *nodes;
+ size_t size;
+};
+
/* This structure is also in libtasn1.h, but then contains less
fields. You cannot make any modifications to these first fields
without breaking ABI. */
@@ -47,6 +53,8 @@ struct asn1_node_st
asn1_node left; /* Pointer to the next list element */
/* private fields: */
unsigned char small_value[ASN1_SMALL_VALUE_SIZE]; /* For small values */
+ asn1_node parent; /* Pointer to the parent node */
+ struct asn1_node_array_st numbered_children; /* Array of unnamed child nodes for caching */
/* values used during decoding/coding */
int tmp_ival;
diff --git a/lib/parser_aux.c b/lib/parser_aux.c
index 415905a0..4281cc97 100644
--- a/lib/parser_aux.c
+++ b/lib/parser_aux.c
@@ -126,6 +126,7 @@ asn1_find_node (asn1_node_const pointer, const char *name)
const char *n_start;
unsigned int nsize;
unsigned int nhash;
+ const struct asn1_node_array_st *numbered_children;
if (pointer == NULL)
return NULL;
@@ -209,6 +210,7 @@ asn1_find_node (asn1_node_const pointer, const char *name)
if (p->down == NULL)
return NULL;
+ numbered_children = &p->numbered_children;
p = p->down;
if (p == NULL)
return NULL;
@@ -222,6 +224,12 @@ asn1_find_node (asn1_node_const pointer, const char *name)
}
else
{ /* no "?LAST" */
+ if (n[0] == '?' && c_isdigit (n[1]))
+ {
+ long position = strtol (n + 1, NULL, 10);
+ if (position > 0 && position < LONG_MAX)
+ p = _asn1_node_array_get (numbered_children, position - 1);
+ }
while (p)
{
if (p->name_hash == nhash && !strcmp (p->name, n))
@@ -509,6 +517,8 @@ _asn1_remove_node (asn1_node node, unsigned int flags)
if (node->value != node->small_value)
free (node->value);
}
+
+ free (node->numbered_children.nodes);
free (node);
}
diff --git a/lib/structure.c b/lib/structure.c
index 9c95b9e2..32692ad2 100644
--- a/lib/structure.c
+++ b/lib/structure.c
@@ -31,6 +31,9 @@
#include <structure.h>
#include "parser_aux.h"
#include <gstr.h>
+#include "c-ctype.h"
+#include "element.h"
+#include <limits.h>
extern char _asn1_identifierMissing[];
@@ -391,6 +394,16 @@ asn1_delete_element (asn1_node structure, const char *element_name)
if (source_node == NULL)
return ASN1_ELEMENT_NOT_FOUND;
+ if (source_node->parent
+ && source_node->name[0] == '?'
+ && c_isdigit (source_node->name[1]))
+ {
+ long position = strtol (source_node->name + 1, NULL, 10);
+ if (position > 0 && position < LONG_MAX)
+ _asn1_node_array_set (&source_node->parent->numbered_children,
+ position - 1, NULL);
+ }
+
p2 = source_node->right;
p3 = _asn1_find_left (source_node);
if (!p3)
--
GitLab

90
fix-memleaks-in-asn1-arrat2tree.patch Normal file
View File

@ -0,0 +1,90 @@
From ea0e4fc2567edfc0d20141025837e2bd9c64c0cb Mon Sep 17 00:00:00 2001
From: opneErler BUildteam <buildteam@openeuler.org>
Date: Fri, 5 Jun 2020 15:46:37 +0800
Subject: [PATCH] fix memleaks in asn1 arrat2tree
---
lib/parser_aux.c | 2 +-
lib/structure.c | 20 ++++++++++++++------
2 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/lib/parser_aux.c b/lib/parser_aux.c
index c05bd23..e5e4cc3 100644
--- a/lib/parser_aux.c
+++ b/lib/parser_aux.c
@@ -766,7 +766,7 @@ _asn1_expand_object_id (list_type ** list, asn1_node node)
return ASN1_ELEMENT_NOT_FOUND;
_asn1_set_down (p, p2->right);
- if (p2->down)
+ while (p2->down)
_asn1_delete_structure (*list, &p2->down, 0);
_asn1_delete_node_from_list (*list, p2);
_asn1_remove_node (p2, 0);
diff --git a/lib/structure.c b/lib/structure.c
index 512dd60..13f02ba 100644
--- a/lib/structure.c
+++ b/lib/structure.c
@@ -207,13 +207,13 @@ asn1_array2tree (const asn1_static_node * array, asn1_node * definitions,
if (move == DOWN)
{
- if (p_last && p_last->down)
+ while (p_last && p_last->down)
_asn1_delete_structure (e_list, &p_last->down, 0);
_asn1_set_down (p_last, p);
}
else if (move == RIGHT)
{
- if (p_last && p_last->right)
+ while (p_last && p_last->right)
_asn1_delete_structure (e_list, &p_last->right, 0);
_asn1_set_right (p_last, p);
}
@@ -318,7 +318,7 @@ _asn1_delete_structure (list_type * e_list, asn1_node * structure,
unsigned int flags)
{
asn1_node p, p2, p3;
-
+ int flag_t = 1;
if (*structure == NULL)
return ASN1_ELEMENT_NOT_FOUND;
@@ -348,7 +348,11 @@ _asn1_delete_structure (list_type * e_list, asn1_node * structure,
{
p3 = _asn1_find_up (p);
if (p3)
+ {
_asn1_set_down (p3, p2);
+ p2 = NULL;
+ flag_t = 0;
+ }
else
{
if (p->right)
@@ -356,15 +360,19 @@ _asn1_delete_structure (list_type * e_list, asn1_node * structure,
}
}
else
- _asn1_set_right (p3, p2);
+ {
+ _asn1_set_right (p3,p2);
+ p2 = NULL;
+ flag_t = 0;
+ }
if (e_list)
_asn1_delete_node_from_list (e_list, p);
_asn1_remove_node (p, flags);
- p = NULL;
+ p = p2;
}
}
}
-
+if (flag_t)
*structure = NULL;
return ASN1_SUCCESS;
}
--
2.27.0

BIN
libtasn1-4.17.0.tar.gz
View File

Binary file not shown.

11
libtasn1-4.17.0.tar.gz.sig
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEmUFc4ZBdDlWp+IAmhgt/uzL4EZ0FAmCdXhAACgkQhgt/uzL4
EZ2U2wgApO/SsHff0JLFuYsEobTeMF5mCusi13JMjovJPYOLjgi6fYP0JnMWX66y
DG22L+lJmC1C9VOI4RViVm4EEGmtwCw1NAT4COjdFUwjPgbNqiesxGMpeneFPGyV
FR3riRvjLgc5JqmnZ+Loy/ON6Ex5Enx9RJr4ezDGi6c1eQzTd3hsJU2TnZJAdiLk
2mb0ZILNuZoJGrctxIEqiDMKGBqDAgZC9XD8J4ggwtBOQwH58/LSxA6yi87E7oLH
OQqJwh8IgSKVQ0FQfZU+4RmMREr08W/x74ybAUYzUrBn4cL3nJ2WcSo0POPNkQ8e
C+bk31OLvPezCgbV2s1nZRNWk/Th4w==
=ocLC
-----END PGP SIGNATURE-----

BIN
libtasn1-4.19.0.tar.gz Normal file
View File

Binary file not shown.

7
libtasn1-4.19.0.tar.gz.sig Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQSjzJyHC50xCrrUzy9RcisI/kdFogUCYwUS9wAKCRBRcisI/kdF
ouWTAP95jlnitHZ2gCNZgtei9tEjdUVVL8CsFbQnvogFVUvieQD/XzHxaRGluLTh
DuHAJzrPScJUtPGImSUsoqcgozUv4w8=
=zX4n
-----END PGP SIGNATURE-----

24
libtasn1.spec
View File

@ -1,7 +1,7 @@
Summary: Libtasn1 is a ASN.1 parsing library
Name: libtasn1
Version: 4.17.0
Release: 1
Version: 4.19.0
Release: 2
# The libtasn1 library is LGPLv2+, utilities are GPLv3+
License: GPLv3+ and LGPLv2+
@ -9,6 +9,10 @@ URL: http://www.gnu.org/software/libtasn1/
Source0: http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz
Source1: http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz.sig
Patch0: fix-memleaks-in-asn1-arrat2tree.patch
Patch6001: backport-CVE-2024-12133-part1.patch
Patch6002: backport-CVE-2024-12133-part2.patch
BuildRequires: gcc, autoconf, automake, libtool, gnupg2, bison, pkgconfig, help2man
# when autoconf >= 2.71, the command autoreconf need gtk-doc package
BuildRequires: gtk-doc
@ -77,12 +81,24 @@ test "$1" = 0 -a -f %_infodir/%name.info.gz && \
%{_includedir}/*
%files help
%doc doc/TODO doc/*.pdf
%doc doc/TODO
%{_mandir}/man1/asn1*
%{_mandir}/man3/*asn1*
%{_infodir}/*.info.*
%changelog
* Fri Feb 07 2025 Funda Wang <fundawang@yeah.net> - 4.19.0-2
- fix CVE-2024-12133
* Thu Jul 13 2023 yixiangzhike <yixiangzhike007@163.com> - 4.19.0-1
- update to 4.19.0
* Tue Oct 25 2022 yixiangzhike <yixiangzhike007@163.com> - 4.17.0-3
- fix CVE-2021-46848
* Sat May 28 2022 yixiangzhike <yixiangzhike007@163.com> - 4.17.0-2
- fix fuzz issues
* Fri Dec 24 2021 yixiangzhike <yixiangzhike007@163.com> - 4.17.0-1
- update to 4.17.0
@ -95,7 +111,7 @@ test "$1" = 0 -a -f %_infodir/%name.info.gz && \
* Sat Jun 6 2020 lirui <lirui130@huawei.com> - 4.13-9
- fix fuzz issues
* Fri Mar 29 2020 whoisxxx <zhangxuzhou4@huawei.com> - 4.13-8
* Sun Mar 29 2020 whoisxxx <zhangxuzhou4@huawei.com> - 4.13-8
- Valgrind support specific arches
* Fri Mar 20 2020 wangye <wangye54@huawei.com> - 4.13-7