[Bug 223040] New: openssl-0.9.8d-14: local variable used before set
https://bugzilla.novell.com/show_bug.cgi?id=223040 Summary: openssl-0.9.8d-14: local variable used before set Product: openSUSE 10.2 Version: Beta 2 plus Platform: All OS/Version: SuSE Linux 10.1 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: dcb314@hotmail.com QAContact: qa@suse.de I just tried to compile package openssl-0.9.8d-14 with the GNU C compiler. It said dh_key.c:226: warning: 'ctx' is used uninitialized in this function The source code is if (ctx != NULL) I have read the source code and I agree with the compiler. Suggest initialise local variable ctx at its declaration to NULL. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223040 poeml@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |poeml@novell.com AssignedTo|poeml@novell.com |mkoenig@novell.com ------- Comment #2 from poeml@novell.com 2006-11-27 06:15 MST ------- Matthias, can you have a look please? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223040 ------- Comment #3 from mkoenig@novell.com 2006-11-27 08:24 MST ------- The problem is in the Diffie-Hellman key method implementation. The following section of the compute_key function in dh_key.c is problematic: if (ctx != NULL) { BN_CTX_end(ctx); BN_CTX_free(ctx); } BN_CTX_end() writes to members in ctx, so if ctx is not a valid pointer, the function will possibly write to some random memory. This can happen when the number of bits of the input bignum is greater than 10000 (OPENSSL_DH_MAX_MODULUS_BITS): if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223040 ------- Comment #5 from mkoenig@novell.com 2006-11-29 10:11 MST ------- The last conclusion was too fast. There is a reference to CVE-2006-2940 and #208971. So, this patch is already in our package, but it is disabled in stable! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223040 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|openssl-0.9.8d-14: local |VUL-0: openssl-0.9.8d-14: local variable used |variable used before set |before set Status Whiteboard| |patchinfos submitted -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223040 mkoenig@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|mkoenig@novell.com |security-team@suse.de Status|ASSIGNED |NEW ------- Comment #7 from mkoenig@novell.com 2006-12-04 08:34 MST ------- Submitted to stable (should be for 10.2). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223040 ------- Comment #8 from lrupp@novell.com 2006-12-07 13:16 MST ------- Then please submit to 10.2, too. (next time ;-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=223040 meissner@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Comment #9 from meissner@novell.com 2006-12-08 06:16 MST ------- released, thanks! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com