From 2e61faf59d1028df1bb2464d7d4cfc3fbda6f911 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson"
Date: Thu, 18 Feb 2016 12:47:23 +0000
Subject: [PATCH 1/3] Fix double free in DSA private key parsing.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fix double free bug when parsing malformed DSA private keys.

Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using libFuzzer.

CVE-2016-0705

Reviewed-by: Emilia Käsper
(cherry picked from commit 6c88c71b4e4825c7bc0489306d062d017634eb88)
---
 crypto/dsa/dsa_ameth.c | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

Index: openssl-1.0.1e/crypto/dsa/dsa_ameth.c
===================================================================
--- openssl-1.0.1e.orig/crypto/dsa/dsa_ameth.c
+++ openssl-1.0.1e/crypto/dsa/dsa_ameth.c
@@ -201,6 +201,8 @@ static int dsa_priv_decode(EVP_PKEY *pke
     STACK_OF(ASN1_TYPE) *ndsa = NULL;
     DSA *dsa = NULL;
 
+    int ret = 0;
+
     if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
         return 0;
     X509_ALGOR_get0(NULL, &ptype, &pval, palg);
@@ -281,23 +283,20 @@ static int dsa_priv_decode(EVP_PKEY *pke
         }
 
     EVP_PKEY_assign_DSA(pkey, dsa);
-    BN_CTX_free (ctx);
-    if(ndsa)
-        sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-    else
-        ASN1_INTEGER_free(privkey);
-
-    return 1;
+    ret = 1;
+    goto done;
 
     decerr:
     DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
     dsaerr:
+    DSA_free(dsa);
+    done:
     BN_CTX_free (ctx);
-    if (privkey)
+    if (ndsa)
+        sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+    else
         ASN1_INTEGER_free(privkey);
-    sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
-    DSA_free(dsa);
-    return 0;
+    return ret;
     }
 
 static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
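Review bot: The `if (ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); else ASN1_INTEGER_free(privkey);` now shared by every exit at `done:` is the ownership rule the whole fix rests on, yet nothing in the code says why the two frees must be mutually exclusive, so a later edit that frees `privkey` unconditionally would bring the double free back. A comment above that `if`, such as `/* With ndsa set, privkey is presumably an element of the stack and is released with it; free it on its own only in the plain PKCS#8 case. */`, would record the invariant where the next maintainer will read it. Likewise the success path now relies on `EVP_PKEY_assign_DSA` having taken ownership so that `goto done` legitimately skips the `DSA_free(dsa)` at `dsaerr:`; a one-line `/* dsa is now owned by pkey; only the scratch state is released below */` beside `ret = 1;` would make the two-label layout self-explanatory. dsa_priv_decode begins before this hunk, so the NULL initialization of `ctx` and `privkey` that the unconditional frees at `done:` depend on could not be confirmed from here.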