diff options
author | delphij <delphij@FreeBSD.org> | 2017-11-29 05:59:12 +0000 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2017-11-29 05:59:12 +0000 |
commit | 0ecf331da20a8ac070c734965e57534aacbba964 (patch) | |
tree | 04169c7abc664208529d007b5929c518d57c83d6 | |
parent | 4a41e2e13c64eddf6e3f83911de7e508d1098b4c (diff) | |
download | FreeBSD-src-0ecf331da20a8ac070c734965e57534aacbba964.zip FreeBSD-src-0ecf331da20a8ac070c734965e57534aacbba964.tar.gz |
Fix multiple vulnerabilities of OpenSSL.
Security: FreeBSD-SA-17:11
Approved by: so
-rw-r--r-- | UPDATING | 4 | ||||
-rwxr-xr-x | crypto/openssl/crypto/bn/asm/x86_64-mont5.pl | 12 | ||||
-rw-r--r-- | crypto/openssl/crypto/x509v3/v3_addr.c | 10 | ||||
-rw-r--r-- | secure/lib/libcrypto/amd64/x86_64-mont5.S | 12 |
4 files changed, 30 insertions, 8 deletions
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20171129 p5 FreeBSD-SA-17:11.openssl + + Fix multiple vulnerabilities of OpenSSL. + 20171115 p4 FreeBSD-SA-17:08.ptrace FreeBSD-SA-17:10.kldstat diff --git a/crypto/openssl/crypto/bn/asm/x86_64-mont5.pl b/crypto/openssl/crypto/bn/asm/x86_64-mont5.pl index 3bb0cdf..42178e4 100755 --- a/crypto/openssl/crypto/bn/asm/x86_64-mont5.pl +++ b/crypto/openssl/crypto/bn/asm/x86_64-mont5.pl @@ -3090,11 +3090,19 @@ $code.=<<___; .align 32 .Lsqrx8x_break: - sub 16+8(%rsp),%r8 # consume last carry + xor $zero,$zero + sub 16+8(%rsp),%rbx # mov 16(%rsp),%cf + adcx $zero,%r8 mov 24+8(%rsp),$carry # initial $tptr, borrow $carry + adcx $zero,%r9 mov 0*8($aptr),%rdx # a[8], modulo-scheduled - xor %ebp,%ebp # xor $zero,$zero + adc \$0,%r10 mov %r8,0*8($tptr) + adc \$0,%r11 + adc \$0,%r12 + adc \$0,%r13 + adc \$0,%r14 + adc \$0,%r15 cmp $carry,$tptr # cf=0, of=0 je .Lsqrx8x_outer_loop diff --git a/crypto/openssl/crypto/x509v3/v3_addr.c b/crypto/openssl/crypto/x509v3/v3_addr.c index 1290dec..af080a0 100644 --- a/crypto/openssl/crypto/x509v3/v3_addr.c +++ b/crypto/openssl/crypto/x509v3/v3_addr.c @@ -130,10 +130,12 @@ static int length_from_afi(const unsigned afi) */ unsigned int v3_addr_get_afi(const IPAddressFamily *f) { - return ((f != NULL && - f->addressFamily != NULL && f->addressFamily->data != NULL) - ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1])) - : 0); + if (f == NULL + || f->addressFamily == NULL + || f->addressFamily->data == NULL + || f->addressFamily->length < 2) + return 0; + return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1]; } /* diff --git a/secure/lib/libcrypto/amd64/x86_64-mont5.S b/secure/lib/libcrypto/amd64/x86_64-mont5.S index 3d1b0ce..f4a12d7 100644 --- a/secure/lib/libcrypto/amd64/x86_64-mont5.S +++ b/secure/lib/libcrypto/amd64/x86_64-mont5.S @@ -3077,11 +3077,19 @@ __bn_sqrx8x_internal: .align 32 .Lsqrx8x_break: - subq 16+8(%rsp),%r8 + xorq %rbp,%rbp + subq 16+8(%rsp),%rbx + adcxq %rbp,%r8 movq 24+8(%rsp),%rcx + adcxq %rbp,%r9 movq 0(%rsi),%rdx - xorl %ebp,%ebp + adcq $0,%r10 movq %r8,0(%rdi) + adcq $0,%r11 + adcq $0,%r12 + adcq $0,%r13 + adcq $0,%r14 + adcq $0,%r15 cmpq %rcx,%rdi je .Lsqrx8x_outer_loop |