aboutsummaryrefslogtreecommitdiffstats
path: root/security/rsaref
diff options
context:
space:
mode:
authorasami <asami@FreeBSD.org>1999-12-13 15:02:03 +0800
committerasami <asami@FreeBSD.org>1999-12-13 15:02:03 +0800
commit36ee58ea76e26822b57137e483b19e6f3230d17e (patch)
treef8e910a6d82a32a049b30007a9e249bdf9061041 /security/rsaref
parent99a863fceecdf7a7505887530ece0b60dce113f6 (diff)
downloadfreebsd-ports-gnome-36ee58ea76e26822b57137e483b19e6f3230d17e.tar.gz
freebsd-ports-gnome-36ee58ea76e26822b57137e483b19e6f3230d17e.tar.zst
freebsd-ports-gnome-36ee58ea76e26822b57137e483b19e6f3230d17e.zip
Fix buffer overflow problem properly.
Submitted by: kris Obtained from: bugtraq list (I believe)
Diffstat (limited to 'security/rsaref')
-rw-r--r--security/rsaref/files/patch-ac84
1 files changed, 46 insertions, 38 deletions
diff --git a/security/rsaref/files/patch-ac b/security/rsaref/files/patch-ac
index 3f442a44ab9f..f773b1c0effe 100644
--- a/security/rsaref/files/patch-ac
+++ b/security/rsaref/files/patch-ac
@@ -1,42 +1,50 @@
---- rsa.c.orig Fri Mar 25 14:01:48 1994
-+++ rsa.c Wed Dec 1 23:01:22 1999
-@@ -33,6 +33,9 @@
- unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen;
-
-+ if (inputLen + 3 > MAX_RSA_MODULUS_LEN)
-+ return (RE_LEN);
+*** rsa.original.c Fri Mar 26 14:01:48 1994
+--- rsa.c Fri Dec 10 12:56:34 1999
+***************
+*** 33,38 ****
+--- 33,41 ----
+ unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
+ unsigned int i, modulusLen;
+
++ if (publicKey->bits > MAX_RSA_MODULUS_BITS)
++ return (RE_LEN);
+
- modulusLen = (publicKey->bits + 7) / 8;
- if (inputLen + 11 > modulusLen)
- return (RE_LEN);
-@@ -78,6 +81,9 @@
- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen, pkcsBlockLen;
-
-+ if (inputLen > MAX_RSA_MODULUS_LEN)
-+ return (RE_LEN);
+ modulusLen = (publicKey->bits + 7) / 8;
+ if (inputLen + 11 > modulusLen)
+ return (RE_LEN);
+***************
+*** 78,83 ****
+--- 81,89 ----
+ unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
+ unsigned int i, modulusLen, pkcsBlockLen;
+
++ if (publicKey->bits > MAX_RSA_MODULUS_BITS)
++ return (RE_LEN);
+
- modulusLen = (publicKey->bits + 7) / 8;
- if (inputLen > modulusLen)
- return (RE_LEN);
-@@ -129,6 +135,9 @@
- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen;
-
-+ if (inputLen + 3 > MAX_RSA_MODULUS_LEN)
-+ return (RE_LEN);
+ modulusLen = (publicKey->bits + 7) / 8;
+ if (inputLen > modulusLen)
+ return (RE_LEN);
+***************
+*** 128,133 ****
+--- 134,142 ----
+ int status;
+ unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
+ unsigned int i, modulusLen;
+
- modulusLen = (privateKey->bits + 7) / 8;
- if (inputLen + 11 > modulusLen)
- return (RE_LEN);
-@@ -168,6 +177,9 @@
- unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
- unsigned int i, modulusLen, pkcsBlockLen;
-
-+ if (inputLen > MAX_RSA_MODULUS_LEN)
-+ return (RE_LEN);
++ if (privateKey->bits > MAX_RSA_MODULUS_BITS)
++ return (RE_LEN);
+
+ modulusLen = (privateKey->bits + 7) / 8;
+ if (inputLen + 11 > modulusLen)
+***************
+*** 168,173 ****
+--- 177,185 ----
+ unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
+ unsigned int i, modulusLen, pkcsBlockLen;
+
++ if (privateKey->bits > MAX_RSA_MODULUS_BITS)
++ return (RE_LEN);
+
- modulusLen = (privateKey->bits + 7) / 8;
- if (inputLen > modulusLen)
- return (RE_LEN);
+ modulusLen = (privateKey->bits + 7) / 8;
+ if (inputLen > modulusLen)
+ return (RE_LEN);