Index: openssl/CHANGES RCS File: /v/openssl/cvs/openssl/CHANGES,v rcsdiff -q -kk '-r1.1238.2.188' '-r1.1238.2.189' -u '/v/openssl/cvs/openssl/CHANGES,v' 2>/dev/null --- CHANGES 2010/02/19 18:25:37 1.1238.2.188 +++ CHANGES 2010/02/23 10:36:39 1.1238.2.189 @@ -4,6 +4,9 @@ Changes between 0.9.8l and 0.9.8m [xx XXX xxxx] + *) Always check bn_wexpend() return values for failure. (CVE-2009-3245) + [Martin Olsson, Neel Mehta] + *) Fix X509_STORE locking: Every 'objs' access requires a lock (to accommodate for stack sorting, always a write lock!). [Bodo Moeller] Index: openssl/crypto/bn/bn_div.c RCS File: /v/openssl/cvs/openssl/crypto/bn/bn_div.c,v rcsdiff -q -kk '-r1.37.2.8' '-r1.37.2.9' -u '/v/openssl/cvs/openssl/crypto/bn/bn_div.c,v' 2>/dev/null --- bn_div.c 2009/06/17 11:26:39 1.37.2.8 +++ bn_div.c 2010/02/23 10:36:41 1.37.2.9 @@ -102,7 +102,7 @@ /* The next 2 are needed so we can do a dv->d[0]|=1 later * since BN_lshift1 will only work once there is a value :-) */ BN_zero(dv); - bn_wexpand(dv,1); + if(bn_wexpand(dv,1) == NULL) goto end; dv->top=1; if (!BN_lshift(D,D,nm-nd)) goto end; Index: openssl/crypto/bn/bn_gf2m.c RCS File: /v/openssl/cvs/openssl/crypto/bn/bn_gf2m.c,v rcsdiff -q -kk '-r1.18.2.2' '-r1.18.2.3' -u '/v/openssl/cvs/openssl/crypto/bn/bn_gf2m.c,v' 2>/dev/null --- bn_gf2m.c 2008/06/23 20:46:28 1.18.2.2 +++ bn_gf2m.c 2010/02/23 10:36:41 1.18.2.3 @@ -294,7 +294,8 @@ if (a->top < b->top) { at = b; bt = a; } else { at = a; bt = b; } - bn_wexpand(r, at->top); + if(bn_wexpand(r, at->top) == NULL) + return 0; for (i = 0; i < bt->top; i++) { Index: openssl/crypto/ec/ec2_smpl.c RCS File: /v/openssl/cvs/openssl/crypto/ec/ec2_smpl.c,v rcsdiff -q -kk '-r1.14.2.1' '-r1.14.2.2' -u '/v/openssl/cvs/openssl/crypto/ec/ec2_smpl.c,v' 2>/dev/null --- ec2_smpl.c 2006/03/13 23:12:07 1.14.2.1 +++ ec2_smpl.c 2010/02/23 10:36:41 1.14.2.2 @@ -174,8 +174,10 @@ dest->poly[2] = src->poly[2]; dest->poly[3] = src->poly[3]; dest->poly[4] = src->poly[4]; - bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2); - bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2); + if(bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) + return 0; + if(bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) + return 0; for (i = dest->a.top; i < dest->a.dmax; i++) dest->a.d[i] = 0; for (i = dest->b.top; i < dest->b.dmax; i++) dest->b.d[i] = 0; return 1; @@ -199,12 +201,12 @@ /* group->a */ if (!BN_GF2m_mod_arr(&group->a, a, group->poly)) goto err; - bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2); + if(bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err; for (i = group->a.top; i < group->a.dmax; i++) group->a.d[i] = 0; /* group->b */ if (!BN_GF2m_mod_arr(&group->b, b, group->poly)) goto err; - bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2); + if(bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err; for (i = group->b.top; i < group->b.dmax; i++) group->b.d[i] = 0; ret = 1; Index: openssl/engines/e_ubsec.c RCS File: /v/openssl/cvs/openssl/engines/e_ubsec.c,v rcsdiff -q -kk '-r1.13.2.3' '-r1.13.2.4' -u '/v/openssl/cvs/openssl/engines/e_ubsec.c,v' 2>/dev/null --- e_ubsec.c 2007/09/06 12:43:53 1.13.2.3 +++ e_ubsec.c 2010/02/23 10:36:41 1.13.2.4 @@ -934,7 +934,7 @@ priv_key = BN_new(); if (priv_key == NULL) goto err; priv_key_len = BN_num_bits(dh->p); - bn_wexpand(priv_key, dh->p->top); + if(bn_wexpand(priv_key, dh->p->top) == NULL) goto err; do if (!BN_rand_range(priv_key, dh->p)) goto err; while (BN_is_zero(priv_key)); @@ -949,7 +949,7 @@ { pub_key = BN_new(); pub_key_len = BN_num_bits(dh->p); - bn_wexpand(pub_key, dh->p->top); + if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err; if(pub_key == NULL) goto err; } else