Skip to content

P
Postgres FD Implementation
Commit 8b59672d authored by Noah Misch's avatar Noah Misch
Browse files
Options

Cherry-pick security-relevant fixes from upstream imath library. 

This covers alterations to buffer sizing and zeroing made between imath
1.3 and imath 1.20.  Valgrind Memcheck identified the buffer overruns
and reliance on uninitialized data; their exploit potential is unknown.
Builds specifying --with-openssl are unaffected, because they use the
OpenSSL BIGNUM facility instead of imath.  Back-patch to 9.0 (all
supported versions).

Security: CVE-2015-0243
parent 1dc75515
Show whitespace changes
Inline Side-by-side
Showing with 15 additions and 9 deletions
contrib/pgcrypto/imath.c
View file @ 8b59672d
...@@ -818,7 +818,8 @@ mp_int_mul(mp_int a, mp_int b, mp_int c) ...@@ -818,7 +818,8 @@ mp_int_mul(mp_int a, mp_int b, mp_int c)
*/ */
ua = MP_USED(a); ua = MP_USED(a);
ub = MP_USED(b); ub = MP_USED(b);
osize = ua + ub; osize = MAX(ua, ub);
osize = 4 * ((osize + 1) / 2);
if (c == a || c == b) if (c == a || c == b)
{ {
...@@ -907,7 +908,7 @@ mp_int_sqr(mp_int a, mp_int c) ...@@ -907,7 +908,7 @@ mp_int_sqr(mp_int a, mp_int c)
CHECK(a != NULL && c != NULL); CHECK(a != NULL && c != NULL);
/* Get a temporary buffer big enough to hold the result */ /* Get a temporary buffer big enough to hold the result */
osize = (mp_size) 2 *MP_USED(a); osize = (mp_size) 4 *((MP_USED(a) + 1) / 2);
if (a == c) if (a == c)
{ {
...@@ -2605,8 +2606,8 @@ s_kmul(mp_digit *da, mp_digit *db, mp_digit *dc, ...@@ -2605,8 +2606,8 @@ s_kmul(mp_digit *da, mp_digit *db, mp_digit *dc,
* Now we'll get t1 = a0b0 and t2 = a1b1, and subtract them out so * Now we'll get t1 = a0b0 and t2 = a1b1, and subtract them out so
* that we're left with only the pieces we want: t3 = a1b0 + a0b1 * that we're left with only the pieces we want: t3 = a1b0 + a0b1
*/ */
ZERO(t1, bot_size + 1); ZERO(t1, buf_size);
ZERO(t2, bot_size + 1); ZERO(t2, buf_size);
(void) s_kmul(da, db, t1, bot_size, bot_size); /* t1 = a0 * b0 */ (void) s_kmul(da, db, t1, bot_size, bot_size); /* t1 = a0 * b0 */
(void) s_kmul(a_top, b_top, t2, at_size, bt_size); /* t2 = a1 * b1 */ (void) s_kmul(a_top, b_top, t2, at_size, bt_size); /* t2 = a1 * b1 */
...@@ -2616,11 +2617,13 @@ s_kmul(mp_digit *da, mp_digit *db, mp_digit *dc, ...@@ -2616,11 +2617,13 @@ s_kmul(mp_digit *da, mp_digit *db, mp_digit *dc,
/* Assemble the output value */ /* Assemble the output value */
COPY(t1, dc, buf_size); COPY(t1, dc, buf_size);
(void) s_uadd(t3, dc + bot_size, dc + bot_size, carry = s_uadd(t3, dc + bot_size, dc + bot_size,
buf_size + 1, buf_size + 1); buf_size + 1, buf_size);
assert(carry == 0);
(void) s_uadd(t2, dc + 2 * bot_size, dc + 2 * bot_size, carry = s_uadd(t2, dc + 2 * bot_size, dc + 2 * bot_size,
buf_size, buf_size); buf_size, buf_size);
assert(carry == 0);
s_free(t1); /* note t2 and t3 are just internal pointers s_free(t1); /* note t2 and t3 are just internal pointers
* to t1 */ * to t1 */
...@@ -3307,7 +3310,10 @@ s_embar(mp_int a, mp_int b, mp_int m, mp_int mu, mp_int c) ...@@ -3307,7 +3310,10 @@ s_embar(mp_int a, mp_int b, mp_int m, mp_int mu, mp_int c)
dbt = db + MP_USED(b) - 1; dbt = db + MP_USED(b) - 1;
while (last < 3) while (last < 3)
SETUP(mp_int_init_size(TEMP(last), 2 * umu), last); {
SETUP(mp_int_init_size(TEMP(last), 4 * umu), last);
ZERO(MP_DIGITS(TEMP(last - 1)), MP_ALLOC(TEMP(last - 1)));
}
(void) mp_int_set_value(c, 1); (void) mp_int_set_value(c, 1);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment