| -rw-r--r-- | debian/changelog | 1 | ||||
| -rw-r--r-- | debian/patches/check_null_sn_ln.patch | 30 | ||||
| -rw-r--r-- | debian/patches/series | 1 |
3 files changed, 32 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 95d6dbc5..33926fe3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,7 @@ shim (15+1533136590.3beb971-7) UNRELEASED; urgency=medium
 [ Steve McIntyre ]
 * Backport needed crash fixes:
 + VLogError(): Avoid NULL pointer dereferences in (V)Sprint calls
+ + Fix OBJ_create() to tolerate a NULL sn and ln

 -- Steve McIntyre <93sam@debian.org> Fri, 03 May 2019 01:39:34 +0100

diff --git a/debian/patches/check_null_sn_ln.patch b/debian/patches/check_null_sn_ln.patch
new file mode 100644
index 00000000..b0ee4c4a
--- /dev/null
+++ b/debian/patches/check_null_sn_ln.patch
@@ -0,0 +1,30 @@
+commit 3a9e237b1baddf0d3192755406befb3e9fa5ca80
+Author: dann frazier <dann.frazier@canonical.com>
+Date: Thu Mar 7 19:55:42 2019 -0700
+
+ Fix OBJ_create() to tolerate a NULL sn and ln
+
+ From: https://github.com/openssl/openssl/commit/f13615c5b828aeb8e3d9bf2545c803633d1c684f
+
+ Apply an upstream patch from OpenSSL to tolerate a NULL sn. This avoids
+ a NULL pointer reference in shim.c:verify_eku(). This was discovered
+ because it causes a crash on ARM where, unlike x86, it does not necessarily
+ have memory mapped at 0x0.
+
+ Fixes: 6c180c6004ac ("shim: verify Extended Key Usage flags")
+ Signed-off-by: dann frazier <dann.frazier@canonical.com>
+
+diff --git a/Cryptlib/OpenSSL/crypto/objects/obj_dat.c b/Cryptlib/OpenSSL/crypto/objects/obj_dat.c
+index 259851b..9b850ed 100644
+--- a/Cryptlib/OpenSSL/crypto/objects/obj_dat.c
++++ b/Cryptlib/OpenSSL/crypto/objects/obj_dat.c
+@@ -685,7 +685,8 @@ int OBJ_create(const char *oid, const char *sn, const char *ln)
+ int ok = 0;
+
+ /* Check to see if short or long name already present */
+- if (OBJ_sn2nid(sn) != NID_undef || OBJ_ln2nid(ln) != NID_undef) {
++ if ((sn != NULL && OBJ_sn2nid(sn) != NID_undef)
++ || (ln != NULL && OBJ_ln2nid(ln) != NID_undef)) {
+ OBJerr(OBJ_F_OBJ_CREATE, OBJ_R_OID_EXISTS);
+ return 0;
+ }
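Review bot: The new guard in OBJ_create() protects only the two lookups in this condition, and the rest of the function lies outside the hunk, so it is worth confirming that the later code which stores sn and ln on the new object also tolerates NULL before shim.c:verify_eku() relies on it. When both names are NULL the duplicate-name check is skipped entirely, so uniqueness presumably rests on an OID check further down that is not visible here. I would record the contract directly above the condition, e.g. `/* sn and ln may each be NULL; a NULL name is not looked up */`. The commit message notes that x86 did not crash because address 0 can be mapped there, which suggests the old code was reading whatever bytes sit at that address during the EKU check, so the backport matters on every architecture and not only ARM.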
diff --git a/debian/patches/series b/debian/patches/series
index 9cae2bbf..22d2577e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 fixup_git.patch
 uname.patch
 avoid_null_vsprint.patch
+check_null_sn_ln.patch
|
