libcrypto: Fix buffer overrun in truncated SHA-512 functions.
Further fallout from the libc/openssl sha2 symbol collision. PR lib/58039
This commit is contained in:
parent
c58d8f331b
commit
f1f68b211d
|
@ -49,9 +49,9 @@ static int nm##_init(EVP_MD_CTX *ctx) \
|
|||
#define sha512_256_Init sha512_256_init
|
||||
|
||||
#define sha512_224_Update SHA512_Update
|
||||
#define sha512_224_Final SHA512_Final
|
||||
#define sha512_224_Final sha512_224_final /* XXX NetBSD libc sha2 */
|
||||
#define sha512_256_Update SHA512_Update
|
||||
#define sha512_256_Final SHA512_Final
|
||||
#define sha512_256_Final sha512_256_final /* XXX NetBSD libc sha2 */
|
||||
|
||||
IMPLEMENT_LEGACY_EVP_MD_METH(sha1, SHA1)
|
||||
IMPLEMENT_LEGACY_EVP_MD_METH(sha224, SHA224)
|
||||
|
|
|
@ -16,6 +16,8 @@
|
|||
|
||||
int sha512_224_init(SHA512_CTX *);
|
||||
int sha512_256_init(SHA512_CTX *);
|
||||
int sha512_224_final(unsigned char *, SHA512_CTX *); /* XXX NetBSD libc sha2 */
|
||||
int sha512_256_final(unsigned char *, SHA512_CTX *); /* XXX NetBSD libc sha2 */
|
||||
int ossl_sha1_ctrl(SHA_CTX *ctx, int cmd, int mslen, void *ms);
|
||||
unsigned char *ossl_sha1(const unsigned char *d, size_t n, unsigned char *md);
|
||||
|
||||
|
|
|
@ -86,10 +86,12 @@ IMPLEMENT_digest_functions(sha512, SHA512_CTX,
|
|||
/* ossl_sha512_224_functions */
|
||||
IMPLEMENT_digest_functions(sha512_224, SHA512_CTX,
|
||||
SHA512_CBLOCK, SHA224_DIGEST_LENGTH, SHA2_FLAGS,
|
||||
sha512_224_init, SHA512_Update, SHA512_Final)
|
||||
sha512_224_init, SHA512_Update,
|
||||
/* XXX NetBSD libc sha2 */sha512_224_final)
|
||||
|
||||
/* ossl_sha512_256_functions */
|
||||
IMPLEMENT_digest_functions(sha512_256, SHA512_CTX,
|
||||
SHA512_CBLOCK, SHA256_DIGEST_LENGTH, SHA2_FLAGS,
|
||||
sha512_256_init, SHA512_Update, SHA512_Final)
|
||||
sha512_256_init, SHA512_Update,
|
||||
/* XXX NetBSD libc sha2 */sha512_256_final)
|
||||
|
||||
|
|
|
@ -46,6 +46,20 @@ sha512_224_init(SHA512_CTX *context)
|
|||
|
||||
}
|
||||
|
||||
extern int
|
||||
sha512_224_final(unsigned char *md, SHA512_CTX *context);
|
||||
int
|
||||
sha512_224_final(unsigned char *md, SHA512_CTX *context)
|
||||
{
|
||||
unsigned char tmp[64];
|
||||
|
||||
SHA512_Final(tmp, context);
|
||||
memcpy(md, tmp, 28);
|
||||
explicit_memset(tmp, 0, sizeof(tmp));
|
||||
return 1;
|
||||
|
||||
}
|
||||
|
||||
extern int
|
||||
sha512_256_init(SHA512_CTX *context);
|
||||
int
|
||||
|
@ -61,3 +75,16 @@ sha512_256_init(SHA512_CTX *context)
|
|||
|
||||
return 1;
|
||||
}
|
||||
|
||||
extern int
|
||||
sha512_256_final(unsigned char *md, SHA512_CTX *context);
|
||||
int
|
||||
sha512_256_final(unsigned char *md, SHA512_CTX *context)
|
||||
{
|
||||
unsigned char tmp[64];
|
||||
|
||||
SHA512_Final(tmp, context);
|
||||
memcpy(md, tmp, 32);
|
||||
explicit_memset(tmp, 0, sizeof(tmp));
|
||||
return 1;
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: t_sha512trunc.c,v 1.1 2024/03/15 15:32:07 riastradh Exp $ */
|
||||
/* $NetBSD: t_sha512trunc.c,v 1.2 2024/03/15 18:10:37 riastradh Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 2024 The NetBSD Foundation, Inc.
|
||||
|
@ -27,7 +27,7 @@
|
|||
*/
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
__RCSID("$NetBSD: t_sha512trunc.c,v 1.1 2024/03/15 15:32:07 riastradh Exp $");
|
||||
__RCSID("$NetBSD: t_sha512trunc.c,v 1.2 2024/03/15 18:10:37 riastradh Exp $");
|
||||
|
||||
#include <stddef.h>
|
||||
|
||||
|
@ -123,8 +123,6 @@ ATF_TC_BODY(sha512_224, tc)
|
|||
},
|
||||
};
|
||||
|
||||
atf_tc_expect_fail("PR lib/58039:"
|
||||
" Buffer overflow when writing a SHA512_224 or SHA512_256 digest");
|
||||
check(C, __arraycount(C), 28, EVP_sha512_224());
|
||||
}
|
||||
|
||||
|
@ -159,8 +157,6 @@ ATF_TC_BODY(sha512_256, tc)
|
|||
},
|
||||
};
|
||||
|
||||
atf_tc_expect_fail("PR lib/58039:"
|
||||
" Buffer overflow when writing a SHA512_224 or SHA512_256 digest");
|
||||
check(C, __arraycount(C), 32, EVP_sha512_256());
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue