-
Notifications
You must be signed in to change notification settings - Fork 82
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added 9 patches to openssl #4
Conversation
The fix ensures that the length comparison is done through subtraction instead of addition, so even if the addition overflows, the bug would not manifest. Hence, the canary should only execute if the fix is not applied.
if (i != 0) { | ||
+ | ||
+#ifdef MAGMA_ENABLE_CANARIES | ||
+ MAGMA_LOG(101,INT_MAX - inl < i); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Move this bug to a "graveyard" folder instead of "bugs".
The original bug report states that no internal instance of the function call can trigger this bug.
Although it could possibly be triggered by someone calling the function directly, we're not interested in that right now.
So instead of deleting it, I suggest moving it to a graveyard directory in case it comes into use later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've made some fixes/changes to the bugs.
I suggest graveyarding bug 101 for now.
Check out the comments on the individual patch files.
+#else | ||
+ int magma_int = rsa_pss_to_ctx(ctx, NULL, sigalg, pkey); | ||
+#ifdef MAGMA_ENABLE_CANARIES | ||
+ MAGMA_LOG(108, magma_int < 0); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add an entry for this bug in the spreadsheet
No description provided.