Commit 91c7a9f3 authored by J0WI's avatar J0WI
Browse files

main/libretls: patch CVE-2022-0778

parent a4f69150
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# Maintainer: Ariadne Conill <ariadne@dereferenced.org> # Maintainer: Ariadne Conill <ariadne@dereferenced.org>
pkgname=libretls pkgname=libretls
pkgver=3.3.4 pkgver=3.3.4
pkgrel=2 pkgrel=3
pkgdesc="port of libtls from libressl to openssl" pkgdesc="port of libtls from libressl to openssl"
arch="all" arch="all"
url="https://git.causal.agency/libretls/" url="https://git.causal.agency/libretls/"
...@@ -16,8 +16,13 @@ makedepends_build="$base_deps" ...@@ -16,8 +16,13 @@ makedepends_build="$base_deps"
subpackages="$pkgname-doc $pkgname-static $pkgname-dev" subpackages="$pkgname-doc $pkgname-static $pkgname-dev"
source="https://causal.agency/libretls/libretls-$pkgver.tar.gz source="https://causal.agency/libretls/libretls-$pkgver.tar.gz
CVE-2022-0778.patch
test_program.c" test_program.c"
# secfixes:
# 3.3.4-r3:
# - CVE-2022-0778
prepare() { prepare() {
default_prepare default_prepare
...@@ -55,5 +60,6 @@ check() { ...@@ -55,5 +60,6 @@ check() {
sha512sums=" sha512sums="
ae6f1b7bf9f61948e88ce87c93921b2b27652d85a95062f38abe7dfbb30d40c974c79b7d6faab43b3a987abff5e761b5c2a1982af8cc1511fb3136c580a0e3d6 libretls-3.3.4.tar.gz ae6f1b7bf9f61948e88ce87c93921b2b27652d85a95062f38abe7dfbb30d40c974c79b7d6faab43b3a987abff5e761b5c2a1982af8cc1511fb3136c580a0e3d6 libretls-3.3.4.tar.gz
e6371f3e2b071f9cd805562a81aa2a1e5cf141d3b8f05d03713deb9f4f13778fe1ec5c05a7a398bfe358442b5776e9905f4c9b78ec109a2c98c9f12473bb4ccf CVE-2022-0778.patch
71d36fe25c95a0a45497e3f699b01dddcaae9053dd1b1e2419df94272c47024cf6516c51c902129201061601b04a72551904b15a332a4cf53358983b5db73618 test_program.c 71d36fe25c95a0a45497e3f699b01dddcaae9053dd1b1e2419df94272c47024cf6516c51c902129201061601b04a72551904b15a332a4cf53358983b5db73618 test_program.c
" "
From 3a4ec28b238edf9d85759b7a3d78fd85e4d5aaef Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Sat, 12 Mar 2022 11:26:23 -0600
Subject: [PATCH] add infinite loop fix in BN_mod_sqrt
---
patches/bn_sqrt.patch | 38 ++++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
create mode 100644 patches/bn_sqrt.patch
diff --git a/patches/bn_sqrt.patch b/patches/bn_sqrt.patch
new file mode 100644
index 000000000..495de3120
--- /dev/null
+++ b/patches/bn_sqrt.patch
@@ -0,0 +1,38 @@
+--- crypto/bn/bn_sqrt.c.orig Fri Feb 18 16:30:39 2022
++++ crypto/bn/bn_sqrt.c Sat Mar 12 11:23:53 2022
+@@ -351,21 +351,22 @@
+ goto vrfy;
+ }
+
+-
+- /* find smallest i such that b^(2^i) = 1 */
+- i = 1;
+- if (!BN_mod_sqr(t, b, p, ctx))
+- goto end;
+- while (!BN_is_one(t)) {
+- i++;
+- if (i == e) {
+- BNerror(BN_R_NOT_A_SQUARE);
+- goto end;
++ /* Find the smallest i with 0 < i < e such that b^(2^i) = 1. */
++ for (i = 1; i < e; i++) {
++ if (i == 1) {
++ if (!BN_mod_sqr(t, b, p, ctx))
++ goto end;
++ } else {
++ if (!BN_mod_sqr(t, t, p, ctx))
++ goto end;
+ }
+- if (!BN_mod_mul(t, t, t, p, ctx))
+- goto end;
++ if (BN_is_one(t))
++ break;
+ }
+-
++ if (i >= e) {
++ BNerror(BN_R_NOT_A_SQUARE);
++ goto end;
++ }
+
+ /* t := y^2^(e - i - 1) */
+ if (!BN_copy(t, y))
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment