jimzah/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src.git synced 2024-11-26 20:12:44 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
9286d46a79
freebsd-src/crypto
History
Cy Schubert 9286d46a79 heimdal: CVE-2022-41916: Check for overflow in _gsskrb5_get_mech() 
Apply upstream 22749e918 to fix a buffer overflow.

Upstream notes:

    If len_len is equal to total_len - 1 (i.e. the input consists only of a
    0x60 byte and a length), the expression 'total_len - 1 - len_len - 1',
    used as the 'len' parameter to der_get_length(), will overflow to
    SIZE_MAX. Then der_get_length() will proceed to read, unconstrained,
    whatever data follows in memory. Add a check to ensure that doesn't
    happen

This is similar to samba CVE-2022-3437.

Reported by:	emaste
Security:	CVE-2022-41916
Obtained from:	upstream 22749e918
MFC after:	1 week
2024-02-15 13:27:55 -08:00
..
heimdal heimdal: CVE-2022-41916: Check for overflow in _gsskrb5_get_mech() 2024-02-15 13:27:55 -08:00
openssh ssh: Update to OpenSSH 9.6p1 2024-01-04 22:16:30 -05:00
openssl OpenSSL: Update date string 2024-02-05 12:09:08 -08:00
README Two more $FreeBSD$ stragglers 2023-08-25 15:14:19 -06:00

README 

This directory is for the EXACT same use as src/contrib, except it
holds crypto sources.  In other words, this holds raw sources obtained
from various third party vendors, with FreeBSD patches applied.  No
compilation is done from this directory, it is all done from the
src/secure directory.  The separation between src/contrib and src/crypto
is the result of an old USA law, which made these sources export
controlled, so they had to be kept separate.