Debian Bug report logs - #511520
erlang: openssl return values.
Reported by: Kurt Roeckx <kurt@roeckx.be>
Date: Sun, 11 Jan 2009 19:45:01 UTC
Severity: serious
Tags: security
Done: "Sergei Golovan" <sgolovan@gmail.com>
Bug is archived. No further changes may be made.
Report forwarded to debian-bugs-dist@lists.debian.org, Erlang Packagers <erlang-pkg-devel@lists.berlios.de>: Bug#511520; Package erlang. (Sun, 11 Jan 2009 19:45:03 GMT)
Acknowledgement sent to Kurt Roeckx <kurt@roeckx.be>: New Bug report received and forwarded. Copy sent to Erlang Packagers <erlang-pkg-devel@lists.berlios.de>. (Sun, 11 Jan 2009 19:45:03 GMT)
Message #5 received at submit@bugs.debian.org:
Package: erlang
Severity: serious
Tags: security
Hi,
I've been checking packages to see if they properly check the return
value of some of the functions in openssl. In
lib/crypto/c_src/crypto_drv.c there is this code:
    i = DSA_do_verify(hmacbuf, SHA_DIGEST_LENGTH,
                      dsa_sig, dsa);
    *rbuf = (char *)(bin = driver_alloc_binary(1));
    (bin->orig_bytes)[0] = (char)(i & 0xff);
And I have no idea what happens with this afterwards. But
I currently assume that it's not properly checking the
return value.
Note that DSA_do_verify can return 0 and -1 on errors and
1 on success.
Kurt
Reply sent to "Sergei Golovan" <sgolovan@gmail.com>: You have taken responsibility. (Mon, 12 Jan 2009 10:57:06 GMT)
Notification sent to Kurt Roeckx <kurt@roeckx.be>: Bug acknowledged by developer. (Mon, 12 Jan 2009 10:57:06 GMT)
Message #10 received at 511520-close@bugs.debian.org:
On Sun, Jan 11, 2009 at 10:41 PM, Kurt Roeckx <kurt@roeckx.be> wrote:
>
> I've been checking packages to see if they properly check the return
> value of some of the functions in openssl. In
> lib/crypto/c_src/crypto_drv.c there is this code:
>     i = DSA_do_verify(hmacbuf, SHA_DIGEST_LENGTH,
>                       dsa_sig, dsa);
>     *rbuf = (char *)(bin = driver_alloc_binary(1));
>     (bin->orig_bytes)[0] = (char)(i & 0xff);
This return value (i & 0xff) (which may be 1, 0 or 0xff) is sent back
to the caller where it is compared to 1.
The corresponding excerpt from lib/crypto/src/crypto.erl:
    dss_verify(Dgst,Signature,Key) ->
        control(?DSS_VERIFY, [Dgst,Signature,Key]) == <<1>>.
So, this report is invalid and I'm closing it.
Cheers!
--
Sergei Golovan
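The point of contention above is how the three possible DSA_do_verify() results (1, 0, -1) survive the trip through a single byte and the Erlang comparison against <<1>>. The following is an added illustration, not code from the Erlang/OTP driver or from either message: it simulates the driver's (char)(i & 0xff) encoding and the crypto.erl check with constructed return values (no OpenSSL call is made), and contrasts it with a non-zero-means-success check that would misread the -1 error case.

```c
#include <stdio.h>

/* Constructed stand-ins for the documented outcomes of OpenSSL's
 * DSA_do_verify(): 1 = signature valid, 0 = invalid, -1 = error. */
enum { DSA_VERIFY_OK = 1, DSA_VERIFY_BAD = 0, DSA_VERIFY_ERR = -1 };

/* Mirrors what crypto_drv.c does with the return value: the result
 * travels to Erlang as one byte, (char)(i & 0xff).  Returned as
 * unsigned because the Erlang side reads the binary byte as 0..255. */
unsigned char encode_result_byte(int i)
{
    char c = (char)(i & 0xff);      /* the exact expression quoted in the report */
    return (unsigned char)c;
}

/* Mirrors crypto.erl: control(...) == <<1>>.  Only the byte 1 means
 * "valid"; both 0 (bad signature) and 0xff (from -1) are rejected. */
int erlang_side_accepts(unsigned char byte)
{
    return byte == 1;
}

/* The pattern the reporter was worried about: treating any non-zero
 * return as success, which would accept the -1 error case as a
 * valid signature.  Shown only for contrast. */
int naive_nonzero_accepts(int i)
{
    return i != 0;
}

int main(void)
{
    const int outcomes[] = { DSA_VERIFY_OK, DSA_VERIFY_BAD, DSA_VERIFY_ERR };
    for (size_t k = 0; k < sizeof outcomes / sizeof outcomes[0]; k++) {
        int i = outcomes[k];
        unsigned char b = encode_result_byte(i);
        printf("DSA_do_verify -> %2d  byte 0x%02x  == <<1>>: %d  naive i != 0: %d\n",
               i, b, erlang_side_accepts(b), naive_nonzero_accepts(i));
    }
    return 0;
}
```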
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 10 Feb 2009 07:27:35 GMT)
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified: Fri Aug 2 04:50:45 2024; Machine Name: buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.