upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-04 06:15:33 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/crypto/openssl/crypto
History
Viktor Dukhovni 2ca683b2a5 openssl: Avoid type errors in EAI-related name check logic. 
The incorrectly typed data is read only, used in a compare operation, so
neither remote code execution, nor memory content disclosure were possible.
However, applications performing certificate name checks were vulnerable to
denial of service.

The GENERAL_TYPE data type is a union, and we must take care to access the
correct member, based on `gen->type`, not all the member fields have the same
structure, and a segfault is possible if the wrong member field is read.

The code in question was lightly refactored with the intent to make it more
obviously correct.

Security:	CVE-2024-6119
Obtained from:	OpenSSL Project

(cherry picked from commit 1486960d6cdb052e4fc0109a56a0597b4e902ba1)
(cherry picked from commit 5946b0c6cb)

Approved by:	so
2024-09-05 08:08:53 +02:00
..
aes OpenSSL: update to 3.0.12 2023-10-25 16:20:31 -04:00
aria Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
asn1 OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
async OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
bf Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
bio Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
bn OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
buffer Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
camellia Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
cast Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
chacha OpenSSL: update to 3.0.11 2023-10-12 14:46:11 -04:00
cmac Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
cmp OpenSSL: update to 3.0.11 2023-10-12 14:46:11 -04:00
cms OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
comp Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
conf OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
crmf Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
ct Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
des Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
dh OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
dsa OpenSSL: update to 3.0.12 2023-10-25 16:20:31 -04:00
dso OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
ec OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
encode_decode OpenSSL: update to 3.0.11 2023-10-12 14:46:11 -04:00
engine OpenSSL: update to 3.0.12 2023-10-25 16:20:31 -04:00
err OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
ess Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
evp OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
ffc OpenSSL: update to 3.0.12 2023-10-25 16:20:31 -04:00
hmac Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
http OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
idea Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
kdf Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
lhash OpenSSL: update to 3.0.12 2023-10-25 16:20:31 -04:00
md2 Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
md4 Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
md5 Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
mdc2 Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
modes OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
objects OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
ocsp Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
pem OpenSSL: update to 3.0.11 2023-10-12 14:46:11 -04:00
perlasm OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
pkcs7 OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
pkcs12 OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
poly1305 OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
property OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
rand OpenSSL: update to 3.0.10 2023-08-10 12:07:32 -04:00
rc2 Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
rc4 OpenSSL: update to 3.0.10 2023-08-10 12:07:32 -04:00
rc5 Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
ripemd Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
rsa OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
seed Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
sha OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
siphash Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
sm2 Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
sm3 Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
sm4 Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
srp OpenSSL: update to 3.0.11 2023-10-12 14:46:11 -04:00
stack Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
store OpenSSL: update to 3.0.11 2023-10-12 14:46:11 -04:00
ts Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
txt_db Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
ui Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
whrlpool Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
x509 openssl: Avoid type errors in EAI-related name check logic. 2024-09-05 08:08:53 +02:00
alphacpuid.pl OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
arm64cpuid.pl Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
arm_arch.h OpenSSL: update to 3.0.12 2023-10-25 16:20:31 -04:00
armcap.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
armv4cpuid.pl Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
asn1_dsa.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
bsearch.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
build.info OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
c64xpluscpuid.pl Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
context.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
core_algorithm.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
core_fetch.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
core_namemap.c OpenSSL: update to 3.0.10 2023-08-10 12:07:32 -04:00
cpt_err.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
cpuid.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
cryptlib.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
ctype.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
cversion.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
der_writer.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
dllmain.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
ebcdic.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
ex_data.c OpenSSL: update to 3.0.12 2023-10-25 16:20:31 -04:00
getenv.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
ia64cpuid.S Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
info.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
init.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
initthread.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
LPdir_nyi.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
LPdir_unix.c OpenSSL: update to 3.0.10 2023-08-10 12:07:32 -04:00
LPdir_vms.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
LPdir_win.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
LPdir_win32.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
LPdir_wince.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
mem.c OpenSSL: update to 3.0.12 2023-10-25 16:20:31 -04:00
mem_clr.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
mem_sec.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
mips_arch.h Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
o_dir.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
o_fopen.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
o_init.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
o_str.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
o_time.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
packet.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
param_build.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
param_build_set.c OpenSSL: update to 3.0.12 2023-10-25 16:20:31 -04:00
params.c OpenSSL: update to 3.0.10 2023-08-10 12:07:32 -04:00
params_dup.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
params_from_text.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
pariscid.pl Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
passphrase.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
ppccap.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
ppccpuid.pl Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
provider.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
provider_child.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
provider_conf.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
provider_core.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
provider_local.h Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
provider_predefined.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
punycode.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
README-sparse_array.md Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
s390x_arch.h Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
s390xcap.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
s390xcpuid.pl Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
self_test_core.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
sparccpuid.S Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
sparcv9cap.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
sparse_array.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
threads_lib.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
threads_none.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
threads_pthread.c OpenSSL: update to 3.0.11 2023-10-12 14:46:11 -04:00
threads_win.c OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-05 08:06:08 -08:00
trace.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
uid.c Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
vms_rms.h Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
x86_64cpuid.pl Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00
x86cpuid.pl Merge OpenSSL 3.0.9 2023-06-23 18:53:36 -04:00