From 3ff55e9680cc99f330f25e48cd1422e3459c02de Mon Sep 17 00:00:00 2001 From: "Mark J. Cox" Date: Thu, 28 Sep 2006 13:18:43 +0000 Subject: [PATCH] Fix buffer overflow in SSL_get_shared_ciphers() function. (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] Fix SSL client code which could crash if connecting to a malicious SSLv2 server. (CVE-2006-4343) [Tavis Ormandy and Will Drewry, Google Security Team] --- CHANGES | 21 +++++++++++++++++++++ ssl/s2_clnt.c | 3 ++- ssl/s3_srvr.c | 2 +- ssl/ssl_lib.c | 2 +- 4 files changed, 25 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index 93db3118e..11988efbf 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,13 @@ Changes between 0.9.8d and 0.9.9 [xx XXX xxxx] + *) Fix buffer overflow in SSL_get_shared_ciphers() function. + (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] + + *) Fix SSL client code which could crash if connecting to a + malicious SSLv2 server. (CVE-2006-4343) + [Tavis Ormandy and Will Drewry, Google Security Team] + *) Add an X509_CRL_METHOD structure to allow CRL processing to be redirected to external functions. This can be used to increase CRL handling efficiency especially when CRLs are very large by (for example) storing 
@@ -408,6 +415,20 @@ Changes between 0.9.8c and 0.9.8d [xx XXX xxxx] + *) Introduce limits to prevent malicious keys being able to + cause a denial of service. (CVE-2006-2940) + [Steve Henson, Bodo Moeller] + + *) Fix ASN.1 parsing of certain invalid structures that can result + in a denial of service. (CVE-2006-2937) [Steve Henson] + + *) Fix buffer overflow in SSL_get_shared_ciphers() function. + (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] + + *) Fix SSL client code which could crash if connecting to a + malicious SSLv2 server. (CVE-2006-4343) + [Tavis Ormandy and Will Drewry, Google Security Team] + *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites match only those. Before that, "AES256-SHA" would be interpreted as a pattern and match "AES128-SHA" too (since AES128-SHA got diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c index 89f3f7d75..d9750d093 100644 --- a/ssl/s2_clnt.c +++ b/ssl/s2_clnt.c @@ -520,7 +520,8 @@ static int get_server_hello(SSL *s) CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509); } - if (s->session->peer != s->session->sess_cert->peer_key->x509) + if (s->session->sess_cert == NULL + || s->session->peer != s->session->sess_cert->peer_key->x509) /* can't happen */ { ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 85fa6849a..a83f8ac76 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -2089,7 +2089,7 @@ int ssl3_get_client_key_exchange(SSL *s) if (kssl_ctx->client_princ) { - int len = strlen(kssl_ctx->client_princ); + size_t len = strlen(kssl_ctx->client_princ); if ( len < SSL_MAX_KRB5_PRINCIPAL_LENGTH ) { s->session->krb5_client_princ_len = len; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index a8bc044cb..44f82eb3e 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c 
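Review bot: In ssl/s2_clnt.c, the `/* can't happen */` comment that follows the new condition is no longer accurate for the added `s->session->sess_cert == NULL` test, because the commit message says a malicious SSLv2 server can crash the client here (CVE-2006-4343). I would reword it so a later reader does not treat the NULL test as dead code and remove it, for example `/* sess_cert can be NULL with a hostile server (CVE-2006-4343); a peer mismatch can't happen */`. The body of get_server_hello starts and ends outside the hunk, so the paths on which sess_cert is left unset are not visible here.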
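Review bot: In ssl/s3_srvr.c, `s->session->krb5_client_princ_len = len;` now stores a `size_t` into a field whose declaration is outside the hunk, so the assignment may be an implicit narrowing conversion. The preceding `len < SSL_MAX_KRB5_PRINCIPAL_LENGTH` test bounds the value, so the store is safe as long as that constant fits the field. A short comment such as `/* len is below SSL_MAX_KRB5_PRINCIPAL_LENGTH, so this cannot truncate */` would keep the bound and the store from being separated in a later edit. What happens to an over-length principal is decided outside the hunk, since ssl3_get_client_key_exchange continues in both directions.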
@@ -1272,7 +1272,7 @@ char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
 c=sk_SSL_CIPHER_value(sk,i);
 for (cp=c->name; *cp; )
 {
- if (len-- == 0)
+ if (len-- <= 0)
 {
 *p='\0';
 return(buf);
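Review bot: The `*p='\0'` store on the truncation path is only in bounds if one byte of `buf` is still unused when `len` reaches zero or below, and nothing in the hunk shows where that byte is reserved. The function's entry checks and the outer loop are outside the hunk. The switch from `== 0` to `<= 0` implies `len` can already be negative when this test runs, so I would state the invariant at the test, e.g. `/* len <= 0: output full; one byte was reserved earlier for this terminator */`, after confirming the reservation against the rest of the function. Truncation also returns `buf` exactly as the success case does and may cut a cipher name in the middle, so callers cannot tell a complete list from a shortened one. That behaviour deserves a line in the function's documentation.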