Gentoo's Bugzilla – Attachment 182099 Details for Bug 258011: sci-misc/boinc: "RSA_public_decrypt()" Spoofing Vulnerability
RSA_Spoofing_Vulnerability.patch (text/plain), 2.65 KB, created by Pierrot Rey on 2009-02-15 07:50:33 UTC
>--- boinc-6.4.5/lib/crypt.cpp 2009-02-15 05:27:43.284347370 +0100 >+++ boinc-6.4.5/lib/crypt.cpp 2009-02-15 05:31:25.554348346 +0100 >@@ -243,7 +243,7 @@ > // The output block must be decrypted in its entirety. > // > int encrypt_private(R_RSA_PRIVATE_KEY& key, DATA_BLOCK& in, DATA_BLOCK& out) { >- int n, modulus_len; >+ int n, modulus_len, retval; > > modulus_len = (key.bits+7)/8; > n = in.len; >@@ -252,17 +252,27 @@ > } > RSA* rp = RSA_new(); > private_to_openssl(key, rp); >- RSA_private_encrypt(n, in.data, out.data, rp, RSA_PKCS1_PADDING); >+ retval = RSA_private_encrypt(n, in.data, out.data, rp, RSA_PKCS1_PADDING); >+ if (retval < 0) { >+ RSA_free(rp); >+ return ERR_CRYPTO; >+ } > out.len = RSA_size(rp); > RSA_free(rp); > return 0; > } > > int decrypt_public(R_RSA_PUBLIC_KEY& key, DATA_BLOCK& in, DATA_BLOCK& out) { >+ int retval; > RSA* rp = RSA_new(); > public_to_openssl(key, rp); >- RSA_public_decrypt(in.len, in.data, out.data, rp, RSA_PKCS1_PADDING); >+ retval = RSA_public_decrypt(in.len, in.data, out.data, rp, RSA_PKCS1_PADDING); >+ if (retval < 0) { >+ RSA_free(rp); >+ return ERR_CRYPTO; >+ } > out.len = RSA_size(rp); >+ RSA_free(rp); > return 0; > } > >@@ -684,4 +694,4 @@ > return verified; > } > >-const char *BOINC_RCSID_4f0c2e42ea = "$Id: crypt.cpp 16069 2008-09-26 18:20:24Z davea $"; >+const char *BOINC_RCSID_4f0c2e42ea = "$Id: crypt.cpp 16883 2009-01-12 16:36:14Z davea $"; > > >--- boinc-6.4.5/lib/str_util.cpp 2009-02-15 05:27:43.292347379 +0100 >+++ boinc-6.4.5/lib/str_util.cpp 2009-02-15 05:31:25.560347422 +0100 >@@ -735,6 +735,7 @@ > case ERR_RMDIR: return "rmdir() failed"; > case ERR_SYMLINK: return "symlink() failed"; > case ERR_DB_CONN_LOST: return "DB connection lost during enumeration"; >+ case ERR_CRYPTO: return "encryption error"; > case 404: return "HTTP file not found"; > case 407: return "HTTP proxy authentication failure"; > case 416: return "HTTP range request error"; 
>@@ -876,4 +877,4 @@ > return retval; > } > >-const char *BOINC_RCSID_ab90e1e = "$Id: str_util.cpp 16069 2008-09-26 18:20:24Z davea $"; >+const char *BOINC_RCSID_ab90e1e = "$Id: str_util.cpp 16883 2009-01-12 16:36:14Z davea $"; > > >--- boinc-6.4.5/lib/error_numbers.h 2009-02-15 05:27:43.290347301 +0100 >+++ boinc-6.4.5/lib/error_numbers.h 2009-02-15 05:31:25.558348407 +0100 >@@ -185,6 +185,7 @@ > #define ERR_RMDIR -227 > #define ERR_SYMLINK -229 > #define ERR_DB_CONN_LOST -230 >+#define ERR_CRYPTO -231 > > // PLEASE: add a text description of your error to > // the text description function boincerror() in str_util.C. >
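Review bot: in lib/crypt.cpp, hunk @@ -252,17 +252,27 @@, the new `return ERR_CRYPTO` in decrypt_public() only closes the spoofing hole if every caller tests the return value, and no call site is touched by this patch. Please confirm that each caller treats a non-zero return as a failed verification before it looks at out.data. In the same function the success path still sets `out.len = RSA_size(rp)`, although RSA_public_decrypt() returns the number of bytes it actually recovered and that value is now held in retval; `out.len = retval;` would report the real length. RSA_new() is also used without a NULL check in both encrypt_private() and decrypt_public().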
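Review bot: in lib/str_util.cpp, hunk @@ -735,6 +735,7 @@, the text "encryption error" for ERR_CRYPTO is misleading, because the same code is returned from decrypt_public() when RSA_public_decrypt() fails. A neutral string such as "encryption or decryption error" would make a log line from a rejected signature easier to recognise.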
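Review bot: in lib/crypt.cpp, hunk @@ -684,4 +694,4 @@ (and the matching hunk @@ -876,4 +877,4 @@ in lib/str_util.cpp), the change to the `$Id: ... $` string in BOINC_RCSID_* is unrelated to the fix and makes the patch apply only against sources carrying exactly the 16069 keyword expansion. Suggest dropping both RCSID hunks so the patch contains only the return-value checks and the ERR_CRYPTO definition.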