authorXin LI <delphij@FreeBSD.org>2017-11-29 05:59:50 +0000
committerXin LI <delphij@FreeBSD.org>2017-11-29 05:59:50 +0000
commit743f9810cd12a22018ae29920d325dd9927d78bf (patch)
treec3dc92ec809b848dc4845e3a755abbaae20902a2
parentf8ea0a67d3893ae14d6cccf766bccd7226474cf9 (diff)
Fix OpenSSL out-of-bounds read vulnerability.
Security: FreeBSD-SA-17:11 Approved by: so
Notes
Notes: svn path=/releng/10.3/; revision=326359
-rw-r--r--UPDATING4
-rw-r--r--crypto/openssl/crypto/x509v3/v3_addr.c10
-rw-r--r--sys/conf/newvers.sh2
3 files changed, 11 insertions, 5 deletions
diff --git a/UPDATING b/UPDATING
index 3af542afba6e..1641f6137374 100644
--- a/UPDATING
+++ b/UPDATING
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITHOUT_CLANG to bootstrap to the tip of
stable/10, and then rebuild without this option. The bootstrap process from
older version of current is a bit fragile.
+20171129 p25 FreeBSD-SA-17:11.openssl
+
+ Fix OpenSSL out-of-bounds read vulnerability.
+
20171115 p24 FreeBSD-SA-17:08.ptrace
FreeBSD-SA-17:09.shm
FreeBSD-SA-17:10.kldstat
diff --git a/crypto/openssl/crypto/x509v3/v3_addr.c b/crypto/openssl/crypto/x509v3/v3_addr.c
index 94cfed050910..8687cfcf419b 100644
--- a/crypto/openssl/crypto/x509v3/v3_addr.c
+++ b/crypto/openssl/crypto/x509v3/v3_addr.c
@@ -130,10 +130,12 @@ static int length_from_afi(const unsigned afi)
*/
unsigned int v3_addr_get_afi(const IPAddressFamily *f)
{
- return ((f != NULL &&
- f->addressFamily != NULL && f->addressFamily->data != NULL)
- ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
- : 0);
+ if (f == NULL
+ || f->addressFamily == NULL
+ || f->addressFamily->data == NULL
+ || f->addressFamily->length < 2)
+ return 0;
+ return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
}
/*
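Review bot: The new `length < 2` guard in v3_addr_get_afi returns the same 0 for a truncated addressFamily as for a NULL one, and nothing visible in the hunk tells callers that 0 means "no usable AFI" rather than a real family value. I would state the reason for the bound on the guard itself, for example `/* AFI is two octets, big-endian; a shorter OCTET STRING is malformed, so report 0 */`, and note in the function's header comment that 0 is the error return. That header comment begins outside the hunk, so it may already cover this. The check protects only reads that go through this accessor. Any code elsewhere in v3_addr.c that indexes `f->addressFamily->data` directly (not visible here) needs its own length test, and a regression case with a one-byte addressFamily would keep the bound from being lost later.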
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 67e30091709f..9ae8f15eca6c 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="10.3"
-BRANCH="RELEASE-p24"
+BRANCH="RELEASE-p25"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi