Overview

File openssl-CVE-2023-0286.patch of Package openssl-1_1.28461

commit a72082b1fd459bc6355c0d6e0ac5f28a34ae73b0
Author: Hugo Landau <hlandau@openssl.org>
Date:   Tue Jan 17 17:45:42 2023 +0000

    CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address (1.1.1)

--- a/crypto/x509v3/v3_genn.c	
+++ a/crypto/x509v3/v3_genn.c	
@@ -98,7 +98,7 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
         return -1;
     switch (a->type) {
     case GEN_X400:
-        result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
+        result = ASN1_STRING_cmp(a->d.x400Address, b->d.x400Address);
         break;
 
     case GEN_EDIPARTY:
--- a/include/openssl/x509v3.h	
+++ a/include/openssl/x509v3.h	
@@ -136,7 +136,7 @@ typedef struct GENERAL_NAME_st {
         OTHERNAME *otherName;   /* otherName */
         ASN1_IA5STRING *rfc822Name;
         ASN1_IA5STRING *dNSName;
-        ASN1_TYPE *x400Address;
+        ASN1_STRING *x400Address;
         X509_NAME *directoryName;
         EDIPARTYNAME *ediPartyName;
         ASN1_IA5STRING *uniformResourceIdentifier;
--- a/test/v3nametest.c	
+++ a/test/v3nametest.c	
@@ -646,6 +646,16 @@ static struct gennamedata {
             0xb7, 0x09, 0x02, 0x02
         },
         15
+    }, {
+        /*
+         * Malformed encoding of a `[3] ORAddress`.
+         * Regression test for CVE-2023-0286.
+         */
+        {
+            0xa3, 0x0e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0c,
+            0xef, 0xcd, 0xab, 0x89, 0x67, 0x45, 0x23, 0x01,
+        },
+        16
     }
 };
openSUSE Build Service is sponsored by
Places