Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 4 Jan 2018 01:21:24 +0000 (UTC)
From:      Jung-uk Kim <jkim@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org
Subject:   svn commit: r327537 - in stable/8/crypto/openssl: crypto/asn1 crypto/bio crypto/bn crypto/dsa crypto/evp crypto/mdc2 crypto/x509 doc/apps ssl
Message-ID:  <201801040121.w041LOUA075068@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: jkim
Date: Thu Jan  4 01:21:24 2018
New Revision: 327537
URL: https://svnweb.freebsd.org/changeset/base/327537

Log:
  MFS:	r295060, r296462, r296597-296598, r299053, r306229, r306335, r308200
  
  Sync. OpenSSL with stable/9.
  
  r295060 (delphij):
  Fix OpenSSL SSLv2 ciphersuite downgrade vulnerability. [SA-16:11]
  
  r296462, r296597-296598 (delphij):
  Fix multiple OpenSSL vulnerabilities. [SA-16:12]
  
  r299053 (delphij):
  Fix several OpenSSL vulnerabilities. [SA-16:17]
  
  r306229, r306335 (delphij):
  Fix multiple OpenSSL vulnerabilities. [SA-16:26]
  
  r308200 (delphij):
  Fix OpenSSL remote DoS vulnerability. [SA-16:35]
  
  Requested by:	danfe

Modified:
  stable/8/crypto/openssl/crypto/asn1/a_type.c
  stable/8/crypto/openssl/crypto/asn1/tasn_dec.c
  stable/8/crypto/openssl/crypto/asn1/tasn_enc.c
  stable/8/crypto/openssl/crypto/bio/b_print.c
  stable/8/crypto/openssl/crypto/bn/bn.h
  stable/8/crypto/openssl/crypto/bn/bn_exp.c
  stable/8/crypto/openssl/crypto/bn/bn_print.c
  stable/8/crypto/openssl/crypto/dsa/dsa_ossl.c
  stable/8/crypto/openssl/crypto/evp/encode.c
  stable/8/crypto/openssl/crypto/evp/evp_enc.c
  stable/8/crypto/openssl/crypto/mdc2/mdc2dgst.c
  stable/8/crypto/openssl/crypto/x509/x509_obj.c
  stable/8/crypto/openssl/doc/apps/ciphers.pod
  stable/8/crypto/openssl/ssl/d1_both.c
  stable/8/crypto/openssl/ssl/d1_clnt.c
  stable/8/crypto/openssl/ssl/d1_lib.c
  stable/8/crypto/openssl/ssl/d1_pkt.c
  stable/8/crypto/openssl/ssl/d1_srvr.c
  stable/8/crypto/openssl/ssl/s2_lib.c
  stable/8/crypto/openssl/ssl/s2_srvr.c
  stable/8/crypto/openssl/ssl/s3_clnt.c
  stable/8/crypto/openssl/ssl/s3_pkt.c
  stable/8/crypto/openssl/ssl/s3_srvr.c
  stable/8/crypto/openssl/ssl/ssl.h
  stable/8/crypto/openssl/ssl/ssl3.h
  stable/8/crypto/openssl/ssl/ssl_err.c
  stable/8/crypto/openssl/ssl/ssl_lib.c
  stable/8/crypto/openssl/ssl/ssl_locl.h
  stable/8/crypto/openssl/ssl/ssl_sess.c
  stable/8/crypto/openssl/ssl/t1_lib.c

Modified: stable/8/crypto/openssl/crypto/asn1/a_type.c
==============================================================================
--- stable/8/crypto/openssl/crypto/asn1/a_type.c	Thu Jan  4 00:58:30 2018	(r327536)
+++ stable/8/crypto/openssl/crypto/asn1/a_type.c	Thu Jan  4 01:21:24 2018	(r327537)
@@ -123,9 +123,7 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE 
         result = 0;             /* They do not have content. */
         break;
     case V_ASN1_INTEGER:
-    case V_ASN1_NEG_INTEGER:
     case V_ASN1_ENUMERATED:
-    case V_ASN1_NEG_ENUMERATED:
     case V_ASN1_BIT_STRING:
     case V_ASN1_OCTET_STRING:
     case V_ASN1_SEQUENCE:

Modified: stable/8/crypto/openssl/crypto/asn1/tasn_dec.c
==============================================================================
--- stable/8/crypto/openssl/crypto/asn1/tasn_dec.c	Thu Jan  4 00:58:30 2018	(r327536)
+++ stable/8/crypto/openssl/crypto/asn1/tasn_dec.c	Thu Jan  4 01:21:24 2018	(r327537)
@@ -901,9 +901,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char
         break;
 
     case V_ASN1_INTEGER:
-    case V_ASN1_NEG_INTEGER:
     case V_ASN1_ENUMERATED:
-    case V_ASN1_NEG_ENUMERATED:
         tint = (ASN1_INTEGER **)pval;
         if (!c2i_ASN1_INTEGER(tint, &cont, len))
             goto err;

Modified: stable/8/crypto/openssl/crypto/asn1/tasn_enc.c
==============================================================================
--- stable/8/crypto/openssl/crypto/asn1/tasn_enc.c	Thu Jan  4 00:58:30 2018	(r327536)
+++ stable/8/crypto/openssl/crypto/asn1/tasn_enc.c	Thu Jan  4 01:21:24 2018	(r327537)
@@ -610,9 +610,7 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout
         break;
 
     case V_ASN1_INTEGER:
-    case V_ASN1_NEG_INTEGER:
     case V_ASN1_ENUMERATED:
-    case V_ASN1_NEG_ENUMERATED:
         /*
          * These are all have the same content format as ASN1_INTEGER
          */

Modified: stable/8/crypto/openssl/crypto/bio/b_print.c
==============================================================================
--- stable/8/crypto/openssl/crypto/bio/b_print.c	Thu Jan  4 00:58:30 2018	(r327536)
+++ stable/8/crypto/openssl/crypto/bio/b_print.c	Thu Jan  4 01:21:24 2018	(r327537)
@@ -122,20 +122,20 @@
 #  define LLONG long long
 # endif
 #else
-# define LLONG long
-#endif
-
-static void fmtstr(char **, char **, size_t *, size_t *,
-                   const char *, int, int, int);
-static void fmtint(char **, char **, size_t *, size_t *,
-                   LLONG, int, int, int, int);
-static void fmtfp(char **, char **, size_t *, size_t *,
-                  LDOUBLE, int, int, int);
-static void doapr_outch(char **, char **, size_t *, size_t *, int);
-static void _dopr(char **sbuffer, char **buffer,
-                  size_t *maxlen, size_t *retlen, int *truncated,
-                  const char *format, va_list args);
-
+# define LLONG long
+#endif
+
+static int fmtstr(char **, char **, size_t *, size_t *,
+                   const char *, int, int, int);
+static int fmtint(char **, char **, size_t *, size_t *,
+                   LLONG, int, int, int, int);
+static int fmtfp(char **, char **, size_t *, size_t *,
+                  LDOUBLE, int, int, int);
+static int doapr_outch(char **, char **, size_t *, size_t *, int);
+static int _dopr(char **sbuffer, char **buffer,
+                  size_t *maxlen, size_t *retlen, int *truncated,
+                  const char *format, va_list args);
+
 /* format read states */
 #define DP_S_DEFAULT    0
 #define DP_S_FLAGS      1
@@ -162,13 +162,13 @@ static void _dopr(char **sbuffer, char **buffer,
 #define DP_C_LLONG      4
 
 /* some handy macros */
-#define char_to_int(p) (p - '0')
-#define OSSL_MAX(p,q) ((p >= q) ? p : q)
-
-static void
-_dopr(char **sbuffer,
-      char **buffer,
-      size_t *maxlen,
+#define char_to_int(p) (p - '0')
+#define OSSL_MAX(p,q) ((p >= q) ? p : q)
+
+static int
+_dopr(char **sbuffer,
+      char **buffer,
+      size_t *maxlen,
       size_t *retlen, int *truncated, const char *format, va_list args)
 {
     char ch;
@@ -193,13 +193,14 @@ _dopr(char **sbuffer,
 
         switch (state) {
         case DP_S_DEFAULT:
-            if (ch == '%')
-                state = DP_S_FLAGS;
-            else
-                doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
-            ch = *format++;
-            break;
-        case DP_S_FLAGS:
+            if (ch == '%')
+                state = DP_S_FLAGS;
+            else
+                if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
+                    return 0;
+            ch = *format++;
+            break;
+        case DP_S_FLAGS:
             switch (ch) {
             case '-':
                 flags |= DP_F_MINUS;
@@ -299,14 +300,15 @@ _dopr(char **sbuffer,
                     value = va_arg(args, LLONG);
                     break;
                 default:
-                    value = va_arg(args, int);
-                    break;
-                }
-                fmtint(sbuffer, buffer, &currlen, maxlen,
-                       value, 10, min, max, flags);
-                break;
-            case 'X':
-                flags |= DP_F_UP;
+                    value = va_arg(args, int);
+                    break;
+                }
+                if (!fmtint(sbuffer, buffer, &currlen, maxlen, value, 10, min,
+                            max, flags))
+                    return 0;
+                break;
+            case 'X':
+                flags |= DP_F_UP;
                 /* FALLTHROUGH */
             case 'x':
             case 'o':
@@ -323,23 +325,25 @@ _dopr(char **sbuffer,
                     value = va_arg(args, unsigned LLONG);
                     break;
                 default:
-                    value = (LLONG) va_arg(args, unsigned int);
-                    break;
-                }
-                fmtint(sbuffer, buffer, &currlen, maxlen, value,
-                       ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
-                       min, max, flags);
-                break;
-            case 'f':
-                if (cflags == DP_C_LDOUBLE)
-                    fvalue = va_arg(args, LDOUBLE);
-                else
-                    fvalue = va_arg(args, double);
-                fmtfp(sbuffer, buffer, &currlen, maxlen,
-                      fvalue, min, max, flags);
-                break;
-            case 'E':
-                flags |= DP_F_UP;
+                    value = (LLONG) va_arg(args, unsigned int);
+                    break;
+                }
+                if (!fmtint(sbuffer, buffer, &currlen, maxlen, value,
+                       ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
+                            min, max, flags))
+                    return 0;
+                break;
+            case 'f':
+                if (cflags == DP_C_LDOUBLE)
+                    fvalue = va_arg(args, LDOUBLE);
+                else
+                    fvalue = va_arg(args, double);
+                if (!fmtfp(sbuffer, buffer, &currlen, maxlen, fvalue, min, max,
+                           flags))
+                    return 0;
+                break;
+            case 'E':
+                flags |= DP_F_UP;
             case 'e':
                 if (cflags == DP_C_LDOUBLE)
                     fvalue = va_arg(args, LDOUBLE);
@@ -352,30 +356,33 @@ _dopr(char **sbuffer,
                 if (cflags == DP_C_LDOUBLE)
                     fvalue = va_arg(args, LDOUBLE);
                 else
-                    fvalue = va_arg(args, double);
-                break;
-            case 'c':
-                doapr_outch(sbuffer, buffer, &currlen, maxlen,
-                            va_arg(args, int));
-                break;
-            case 's':
-                strvalue = va_arg(args, char *);
+                    fvalue = va_arg(args, double);
+                break;
+            case 'c':
+                if(!doapr_outch(sbuffer, buffer, &currlen, maxlen,
+                            va_arg(args, int)))
+                    return 0;
+                break;
+            case 's':
+                strvalue = va_arg(args, char *);
                 if (max < 0) {
                     if (buffer)
                         max = INT_MAX;
-                    else
-                        max = *maxlen;
-                }
-                fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
-                       flags, min, max);
-                break;
-            case 'p':
-                value = (long)va_arg(args, void *);
-                fmtint(sbuffer, buffer, &currlen, maxlen,
-                       value, 16, min, max, flags | DP_F_NUM);
-                break;
-            case 'n':          /* XXX */
-                if (cflags == DP_C_SHORT) {
+                    else
+                        max = *maxlen;
+                }
+                if (!fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
+                            flags, min, max))
+                    return 0;
+                break;
+            case 'p':
+                value = (long)va_arg(args, void *);
+                if (!fmtint(sbuffer, buffer, &currlen, maxlen,
+                            value, 16, min, max, flags | DP_F_NUM))
+                    return 0;
+                break;
+            case 'n':          /* XXX */
+                if (cflags == DP_C_SHORT) {
                     short int *num;
                     num = va_arg(args, short int *);
                     *num = currlen;
@@ -391,13 +398,14 @@ _dopr(char **sbuffer,
                     int *num;
                     num = va_arg(args, int *);
                     *num = currlen;
-                }
-                break;
-            case '%':
-                doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
-                break;
-            case 'w':
-                /* not supported yet, treat as next char */
+                }
+                break;
+            case '%':
+                if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, ch))
+                    return 0;
+                break;
+            case 'w':
+                /* not supported yet, treat as next char */
                 ch = *format++;
                 break;
             default:
@@ -415,52 +423,62 @@ _dopr(char **sbuffer,
             break;
         }
     }
-    *truncated = (currlen > *maxlen - 1);
-    if (*truncated)
-        currlen = *maxlen - 1;
-    doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0');
-    *retlen = currlen - 1;
-    return;
-}
-
-static void
-fmtstr(char **sbuffer,
-       char **buffer,
-       size_t *currlen,
-       size_t *maxlen, const char *value, int flags, int min, int max)
-{
-    int padlen, strln;
-    int cnt = 0;
-
-    if (value == 0)
-        value = "<NULL>";
-    for (strln = 0; value[strln]; ++strln) ;
-    padlen = min - strln;
-    if (padlen < 0)
-        padlen = 0;
-    if (flags & DP_F_MINUS)
-        padlen = -padlen;
-
-    while ((padlen > 0) && (cnt < max)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        --padlen;
-        ++cnt;
-    }
-    while (*value && (cnt < max)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, *value++);
-        ++cnt;
-    }
-    while ((padlen < 0) && (cnt < max)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        ++padlen;
-        ++cnt;
-    }
-}
-
-static void
-fmtint(char **sbuffer,
-       char **buffer,
-       size_t *currlen,
+    *truncated = (currlen > *maxlen - 1);
+    if (*truncated)
+        currlen = *maxlen - 1;
+    if(!doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'))
+        return 0;
+    *retlen = currlen - 1;
+    return 1;
+}
+
+static int
+fmtstr(char **sbuffer,
+       char **buffer,
+       size_t *currlen,
+       size_t *maxlen, const char *value, int flags, int min, int max)
+{
+    int padlen;
+    size_t strln;
+    int cnt = 0;
+
+    if (value == 0)
+        value = "<NULL>";
+
+    strln = strlen(value);
+    if (strln > INT_MAX)
+        strln = INT_MAX;
+
+    padlen = min - strln;
+    if (min < 0 || padlen < 0)
+        padlen = 0;
+    if (flags & DP_F_MINUS)
+        padlen = -padlen;
+
+    while ((padlen > 0) && (cnt < max)) {
+        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+            return 0;
+        --padlen;
+        ++cnt;
+    }
+    while (*value && (cnt < max)) {
+        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *value++))
+            return 0;
+        ++cnt;
+    }
+    while ((padlen < 0) && (cnt < max)) {
+        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+            return 0;
+        ++padlen;
+        ++cnt;
+    }
+    return 1;
+}
+
+static int
+fmtint(char **sbuffer,
+       char **buffer,
+       size_t *currlen,
        size_t *maxlen, LLONG value, int base, int min, int max, int flags)
 {
     int signvalue = 0;
@@ -514,43 +532,50 @@ fmtint(char **sbuffer,
     }
     if (flags & DP_F_MINUS)
         spadlen = -spadlen;
-
-    /* spaces */
-    while (spadlen > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        --spadlen;
-    }
-
-    /* sign */
-    if (signvalue)
-        doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-
-    /* prefix */
-    while (*prefix) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix);
-        prefix++;
-    }
-
-    /* zeros */
-    if (zpadlen > 0) {
-        while (zpadlen > 0) {
-            doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
-            --zpadlen;
-        }
-    }
-    /* digits */
-    while (place > 0)
-        doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]);
-
-    /* left justified spaces */
-    while (spadlen < 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        ++spadlen;
-    }
-    return;
-}
-
-static LDOUBLE abs_val(LDOUBLE value)
+
+    /* spaces */
+    while (spadlen > 0) {
+        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+            return 0;
+        --spadlen;
+    }
+
+    /* sign */
+    if (signvalue)
+        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
+            return 0;
+
+    /* prefix */
+    while (*prefix) {
+        if(!doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix))
+            return 0;
+        prefix++;
+    }
+
+    /* zeros */
+    if (zpadlen > 0) {
+        while (zpadlen > 0) {
+            if(!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
+                return 0;
+            --zpadlen;
+        }
+    }
+    /* digits */
+    while (place > 0) {
+        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]))
+            return 0;
+    }
+
+    /* left justified spaces */
+    while (spadlen < 0) {
+        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+            return 0;
+        ++spadlen;
+    }
+    return 1;
+}
+
+static LDOUBLE abs_val(LDOUBLE value)
 {
     LDOUBLE result = value;
     if (value < 0)
@@ -575,13 +600,13 @@ static long roundv(LDOUBLE value)
     value = value - intpart;
     if (value >= 0.5)
         intpart++;
-    return intpart;
-}
-
-static void
-fmtfp(char **sbuffer,
-      char **buffer,
-      size_t *currlen,
+    return intpart;
+}
+
+static int
+fmtfp(char **sbuffer,
+      char **buffer,
+      size_t *currlen,
       size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags)
 {
     int signvalue = 0;
@@ -657,88 +682,108 @@ fmtfp(char **sbuffer,
         padlen = 0;
     if (flags & DP_F_MINUS)
         padlen = -padlen;
-
-    if ((flags & DP_F_ZERO) && (padlen > 0)) {
-        if (signvalue) {
-            doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-            --padlen;
-            signvalue = 0;
-        }
-        while (padlen > 0) {
-            doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
-            --padlen;
-        }
-    }
-    while (padlen > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        --padlen;
-    }
-    if (signvalue)
-        doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
-
-    while (iplace > 0)
-        doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]);
-
-    /*
-     * Decimal point. This should probably use locale to find the correct
-     * char to print out.
-     */
-    if (max > 0 || (flags & DP_F_NUM)) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, '.');
-
-        while (fplace > 0)
-            doapr_outch(sbuffer, buffer, currlen, maxlen, fconvert[--fplace]);
-    }
-    while (zpadlen > 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
-        --zpadlen;
-    }
-
-    while (padlen < 0) {
-        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
-        ++padlen;
-    }
-}
-
-static void
-doapr_outch(char **sbuffer,
-            char **buffer, size_t *currlen, size_t *maxlen, int c)
-{
-    /* If we haven't at least one buffer, someone has doe a big booboo */
-    assert(*sbuffer != NULL || buffer != NULL);
-
-    if (buffer) {
-        while (*currlen >= *maxlen) {
-            if (*buffer == NULL) {
-                if (*maxlen == 0)
-                    *maxlen = 1024;
-                *buffer = OPENSSL_malloc(*maxlen);
-                if (*currlen > 0) {
-                    assert(*sbuffer != NULL);
-                    memcpy(*buffer, *sbuffer, *currlen);
-                }
-                *sbuffer = NULL;
-            } else {
-                *maxlen += 1024;
-                *buffer = OPENSSL_realloc(*buffer, *maxlen);
-            }
-        }
-        /* What to do if *buffer is NULL? */
-        assert(*sbuffer != NULL || *buffer != NULL);
-    }
-
-    if (*currlen < *maxlen) {
-        if (*sbuffer)
+
+    if ((flags & DP_F_ZERO) && (padlen > 0)) {
+        if (signvalue) {
+            if (!doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
+                return 0;
+            --padlen;
+            signvalue = 0;
+        }
+        while (padlen > 0) {
+            if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
+                return 0;
+            --padlen;
+        }
+    }
+    while (padlen > 0) {
+        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+            return 0;
+        --padlen;
+    }
+    if (signvalue && !doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue))
+        return 0;
+
+    while (iplace > 0) {
+        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]))
+            return 0;
+    }
+
+    /*
+     * Decimal point. This should probably use locale to find the correct
+     * char to print out.
+     */
+    if (max > 0 || (flags & DP_F_NUM)) {
+        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '.'))
+            return 0;
+
+        while (fplace > 0) {
+            if(!doapr_outch(sbuffer, buffer, currlen, maxlen,
+                            fconvert[--fplace]))
+                return 0;
+        }
+    }
+    while (zpadlen > 0) {
+        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, '0'))
+            return 0;
+        --zpadlen;
+    }
+
+    while (padlen < 0) {
+        if (!doapr_outch(sbuffer, buffer, currlen, maxlen, ' '))
+            return 0;
+        ++padlen;
+    }
+    return 1;
+}
+
+#define BUFFER_INC  1024
+
+static int
+doapr_outch(char **sbuffer,
+            char **buffer, size_t *currlen, size_t *maxlen, int c)
+{
+    /* If we haven't at least one buffer, someone has doe a big booboo */
+    assert(*sbuffer != NULL || buffer != NULL);
+
+    /* |currlen| must always be <= |*maxlen| */
+    assert(*currlen <= *maxlen);
+
+    if (buffer && *currlen == *maxlen) {
+        if (*maxlen > INT_MAX - BUFFER_INC)
+            return 0;
+
+        *maxlen += BUFFER_INC;
+            if (*buffer == NULL) {
+                *buffer = OPENSSL_malloc(*maxlen);
+                if (*buffer == NULL)
+                    return 0;
+                if (*currlen > 0) {
+                    assert(*sbuffer != NULL);
+                    memcpy(*buffer, *sbuffer, *currlen);
+                }
+                *sbuffer = NULL;
+            } else {
+                char *tmpbuf;
+                tmpbuf = OPENSSL_realloc(*buffer, *maxlen);
+                if (tmpbuf == NULL)
+                    return 0;
+                *buffer = tmpbuf;
+            }
+        }
+
+    if (*currlen < *maxlen) {
+        if (*sbuffer)
             (*sbuffer)[(*currlen)++] = (char)c;
         else
-            (*buffer)[(*currlen)++] = (char)c;
-    }
+            (*buffer)[(*currlen)++] = (char)c;
+    }
+
+    return 1;
+}
+
+/***************************************************************************/
 
-    return;
-}
-
-/***************************************************************************/
-
 int BIO_printf(BIO *bio, const char *format, ...)
 {
     va_list args;
@@ -763,13 +808,17 @@ int BIO_vprintf(BIO *bio, const char *format, va_list 
     size_t hugebufsize = sizeof(hugebuf);
     char *dynbuf = NULL;
     int ignored;
-
-    dynbuf = NULL;
-    CRYPTO_push_info("doapr()");
-    _dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format, args);
-    if (dynbuf) {
-        ret = BIO_write(bio, dynbuf, (int)retlen);
-        OPENSSL_free(dynbuf);
+
+    dynbuf = NULL;
+    CRYPTO_push_info("doapr()");
+    if (!_dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format,
+                args)) {
+        OPENSSL_free(dynbuf);
+        return -1;
+    }
+    if (dynbuf) {
+        ret = BIO_write(bio, dynbuf, (int)retlen);
+        OPENSSL_free(dynbuf);
     } else {
         ret = BIO_write(bio, hugebuf, (int)retlen);
     }
@@ -798,13 +847,14 @@ int BIO_snprintf(char *buf, size_t n, const char *form
 
 int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
 {
-    size_t retlen;
-    int truncated;
-
-    _dopr(&buf, NULL, &n, &retlen, &truncated, format, args);
-
-    if (truncated)
-        /*
+    size_t retlen;
+    int truncated;
+
+    if(!_dopr(&buf, NULL, &n, &retlen, &truncated, format, args))
+        return -1;
+
+    if (truncated)
+        /*
          * In case of truncation, return -1 like traditional snprintf.
          * (Current drafts for ISO/IEC 9899 say snprintf should return the
          * number of characters that would have been written, had the buffer

Modified: stable/8/crypto/openssl/crypto/bn/bn.h
==============================================================================
--- stable/8/crypto/openssl/crypto/bn/bn.h	Thu Jan  4 00:58:30 2018	(r327536)
+++ stable/8/crypto/openssl/crypto/bn/bn.h	Thu Jan  4 01:21:24 2018	(r327537)
@@ -69,12 +69,13 @@
  *
  */
 
-#ifndef HEADER_BN_H
-# define HEADER_BN_H
-
-# include <openssl/e_os2.h>
-# ifndef OPENSSL_NO_FP_API
-#  include <stdio.h>            /* FILE */
+#ifndef HEADER_BN_H
+# define HEADER_BN_H
+
+# include <limits.h>
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_FP_API
+#  include <stdio.h>            /* FILE */
 # endif
 # include <openssl/ossl_typ.h>
 
@@ -701,14 +702,23 @@ const BIGNUM *BN_get0_nist_prime_224(void);
 const BIGNUM *BN_get0_nist_prime_256(void);
 const BIGNUM *BN_get0_nist_prime_384(void);
 const BIGNUM *BN_get0_nist_prime_521(void);
-
-/* library internal functions */
-
-# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
-        (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
-# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-# ifndef OPENSSL_NO_DEPRECATED
+
+/* library internal functions */
+
+# define bn_expand(a,bits) \
+    ( \
+        bits > (INT_MAX - BN_BITS2 + 1) ? \
+            NULL \
+        : \
+            (((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax) ? \
+                (a) \
+            : \
+                bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2) \
+    )
+
+# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
+BIGNUM *bn_expand2(BIGNUM *a, int words);
+# ifndef OPENSSL_NO_DEPRECATED
 BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
 # endif
 

Modified: stable/8/crypto/openssl/crypto/bn/bn_exp.c
==============================================================================
--- stable/8/crypto/openssl/crypto/bn/bn_exp.c	Thu Jan  4 00:58:30 2018	(r327536)
+++ stable/8/crypto/openssl/crypto/bn/bn_exp.c	Thu Jan  4 01:21:24 2018	(r327537)
@@ -110,6 +110,7 @@
  */
 
 #include "cryptlib.h"
+#include "constant_time_locl.h"
 #include "bn_lcl.h"
 
 /* maximum precomputation table size for *variable* sliding windows */
@@ -523,9 +524,11 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const
 
 static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int top,
                                         unsigned char *buf, int idx,
-                                        int width)
+                                        int window)
 {
-    size_t i, j;
+    int i, j;
+    int width = 1 << window;
+    BN_ULONG *table = (BN_ULONG *)buf;
 
     if (bn_wexpand(b, top) == NULL)
         return 0;
@@ -533,8 +536,8 @@ static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int
         b->d[b->top++] = 0;
     }
 
-    for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
-        buf[j] = ((unsigned char *)b->d)[i];
+    for (i = 0, j = idx; i < top; i++, j += width) {
+        table[j] = b->d[i];
     }
 
     bn_correct_top(b);
@@ -543,15 +546,51 @@ static int MOD_EXP_CTIME_COPY_TO_PREBUF(BIGNUM *b, int
 
 static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
                                           unsigned char *buf, int idx,
-                                          int width)
+                                          int window)
 {
-    size_t i, j;
+    int i, j;
+    int width = 1 << window;
+    volatile BN_ULONG *table = (volatile BN_ULONG *)buf;
 
     if (bn_wexpand(b, top) == NULL)
         return 0;
 
-    for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
-        ((unsigned char *)b->d)[i] = buf[j];
+    if (window <= 3) {
+        for (i = 0; i < top; i++, table += width) {
+            BN_ULONG acc = 0;
+
+            for (j = 0; j < width; j++) {
+                acc |= table[j] &
+                       ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1));
+            }
+
+            b->d[i] = acc;
+        }
+    } else {
+        int xstride = 1 << (window - 2);
+        BN_ULONG y0, y1, y2, y3;
+
+        i = idx >> (window - 2);        /* equivalent of idx / xstride */
+        idx &= xstride - 1;             /* equivalent of idx % xstride */
+
+        y0 = (BN_ULONG)0 - (constant_time_eq_int(i,0)&1);
+        y1 = (BN_ULONG)0 - (constant_time_eq_int(i,1)&1);
+        y2 = (BN_ULONG)0 - (constant_time_eq_int(i,2)&1);
+        y3 = (BN_ULONG)0 - (constant_time_eq_int(i,3)&1);
+
+        for (i = 0; i < top; i++, table += width) {
+            BN_ULONG acc = 0;
+
+            for (j = 0; j < xstride; j++) {
+                acc |= ( (table[j + 0 * xstride] & y0) |
+                         (table[j + 1 * xstride] & y1) |
+                         (table[j + 2 * xstride] & y2) |
+                         (table[j + 3 * xstride] & y3) )
+                       & ((BN_ULONG)0 - (constant_time_eq_int(j,idx)&1));
+            }
+
+            b->d[i] = acc;
+        }
     }
 
     b->top = top;
@@ -648,7 +687,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM
      */
     if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
         goto err;
-    if (!MOD_EXP_CTIME_COPY_TO_PREBUF(r, top, powerbuf, 0, numPowers))
+    if (!MOD_EXP_CTIME_COPY_TO_PREBUF(r, top, powerbuf, 0, window))
         goto err;
 
     /* Initialize computeTemp as a^1 with montgomery precalcs */
@@ -667,7 +706,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM
         goto err;
     if (!BN_copy(computeTemp, am))
         goto err;
-    if (!MOD_EXP_CTIME_COPY_TO_PREBUF(am, top, powerbuf, 1, numPowers))
+    if (!MOD_EXP_CTIME_COPY_TO_PREBUF(am, top, powerbuf, 1, window))
         goto err;
 
     /*
@@ -682,8 +721,8 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM
             if (!BN_mod_mul_montgomery
                 (computeTemp, am, computeTemp, mont, ctx))
                 goto err;
-            if (!MOD_EXP_CTIME_COPY_TO_PREBUF
-                (computeTemp, top, powerbuf, i, numPowers))
+            if (!MOD_EXP_CTIME_COPY_TO_PREBUF(computeTemp, top, powerbuf, i,
+                                              window))
                 goto err;
         }
     }
@@ -719,7 +758,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM
          * Fetch the appropriate pre-computed value from the pre-buf
          */
         if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
-            (computeTemp, top, powerbuf, wvalue, numPowers))
+            (computeTemp, top, powerbuf, wvalue, window))
             goto err;
 
         /* Multiply the result into the intermediate result */

Modified: stable/8/crypto/openssl/crypto/bn/bn_print.c
==============================================================================
--- stable/8/crypto/openssl/crypto/bn/bn_print.c	Thu Jan  4 00:58:30 2018	(r327536)
+++ stable/8/crypto/openssl/crypto/bn/bn_print.c	Thu Jan  4 01:21:24 2018	(r327537)
@@ -55,13 +55,14 @@
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+
+#include <stdio.h>
+#include <ctype.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include "bn_lcl.h"
 
-#include <stdio.h>
-#include <ctype.h>
-#include "cryptlib.h"
-#include <openssl/buffer.h>
-#include "bn_lcl.h"
-
 static const char Hex[] = "0123456789ABCDEF";
 
 /* Must 'OPENSSL_free' the returned data */
@@ -110,6 +111,7 @@ char *BN_bn2dec(const BIGNUM *a)
     char *p;
     BIGNUM *t = NULL;
     BN_ULONG *bn_data = NULL, *lp;
+    int bn_data_num;
 
     /*-
      * get an upper bound for the length of the decimal integer
@@ -119,8 +121,8 @@ char *BN_bn2dec(const BIGNUM *a)
      */
     i = BN_num_bits(a) * 3;
     num = (i / 10 + i / 1000 + 1) + 1;
-    bn_data =
-        (BN_ULONG *)OPENSSL_malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG));
+    bn_data_num = num / BN_DEC_NUM + 1;
+    bn_data = OPENSSL_malloc(bn_data_num * sizeof(BN_ULONG));
     buf = (char *)OPENSSL_malloc(num + 3);
     if ((buf == NULL) || (bn_data == NULL)) {
         BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
@@ -139,9 +141,12 @@ char *BN_bn2dec(const BIGNUM *a)
         if (BN_is_negative(t))
             *p++ = '-';
 
-        i = 0;
         while (!BN_is_zero(t)) {
+            if (lp - bn_data >= bn_data_num)
+                goto err;
             *lp = BN_div_word(t, BN_DEC_CONV);
+            if (*lp == (BN_ULONG)-1)
+                goto err;
             lp++;
         }
         lp--;
@@ -186,28 +191,32 @@ int BN_hex2bn(BIGNUM **bn, const char *a)
 
     if (*a == '-') {
         neg = 1;
-        a++;
-    }
+        a++;
+    }
+
+    for (i = 0; i <= (INT_MAX/4) && isxdigit((unsigned char)a[i]); i++)
+        continue;
+
+    if (i > INT_MAX/4)
+        goto err;
+
+    num = i + neg;
+    if (bn == NULL)
+        return (num);
 
-    for (i = 0; isxdigit((unsigned char)a[i]); i++) ;
-
-    num = i + neg;
-    if (bn == NULL)
-        return (num);
-
     /* a is the start of the hex digits, and it is 'i' long */
     if (*bn == NULL) {
         if ((ret = BN_new()) == NULL)
             return (0);
     } else {
         ret = *bn;
-        BN_zero(ret);
-    }
-
-    /* i is the number of hex digests; */
-    if (bn_expand(ret, i * 4) == NULL)
-        goto err;
-
+        BN_zero(ret);
+    }
+
+    /* i is the number of hex digits */
+    if (bn_expand(ret, i * 4) == NULL)
+        goto err;
+
     j = i;                      /* least significant 'hex' */
     m = 0;
     h = 0;

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201801040121.w041LOUA075068>