svn commit: r312863 - stable/10/crypto/openssl/crypto/evp
Xin LI
delphij at FreeBSD.org
Fri Jan 27 07:45:08 UTC 2017
Author: delphij
Date: Fri Jan 27 07:45:06 2017
New Revision: 312863
URL: https://svnweb.freebsd.org/changeset/base/312863
Log:
Backport OpenSSL commit 56336b6c7a75ed28067cadedd8ac46572348bc2f:
crypto/evp: harden RC4_MD5 cipher.
Originally a crash in 32-bit build was reported CHACHA20-POLY1305
cipher. The crash is triggered by truncated packet and is result
of excessive hashing to the edge of accessible memory (or bogus
MAC value is produced if x86 MD5 assembly module is involved). Since
hash operation is read-only it is not considered to be exploitable
beyond a DoS condition.
Thanks to Robert Święcki for report.
This is a direct commit to stable/10.
Security: CVE-2017-3731
Modified:
stable/10/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c
Modified: stable/10/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c
==============================================================================
--- stable/10/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c Fri Jan 27 05:59:26 2017 (r312862)
+++ stable/10/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c Fri Jan 27 07:45:06 2017 (r312863)
@@ -267,6 +267,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_
len = p[arg - 2] << 8 | p[arg - 1];
if (!ctx->encrypt) {
+ if (len < MD5_DIGEST_LENGTH)
+ return -1;
len -= MD5_DIGEST_LENGTH;
p[arg - 2] = len >> 8;
p[arg - 1] = len;
More information about the svn-src-stable
mailing list