From: Dr. Stephen Henson Date: Thu, 31 Jul 2014 19:56:22 +0000 (+0100) Subject: Fix SRP buffer overrun vulnerability. X-Git-Tag: OpenSSL_1_0_2-beta3~112 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=53348780e9936f49b4ced7459e32d0bebbf9e8fa;p=oweals%2Fopenssl.git Fix SRP buffer overrun vulnerability. Invalid parameters passed to the SRP code can be overrun an internal buffer. Add sanity check that g, A, B < N to SRP code. Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC Group for reporting this issue. --- diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c index 7c1dcc5111..83d417a308 100644 --- a/crypto/srp/srp_lib.c +++ b/crypto/srp/srp_lib.c @@ -89,6 +89,9 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g) int longg ; int longN = BN_num_bytes(N); + if (BN_ucmp(g, N) >= 0) + return NULL; + if ((tmp = OPENSSL_malloc(longN)) == NULL) return NULL; BN_bn2bin(N,tmp) ; @@ -121,6 +124,9 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) if ((A == NULL) ||(B == NULL) || (N == NULL)) return NULL; + if (BN_ucmp(A, N) >= 0 || BN_ucmp(B, N) >= 0) + return NULL; + longN= BN_num_bytes(N); if ((cAB = OPENSSL_malloc(2*longN)) == NULL)