From 9db12ffa00aa1dcbe60eec543307f405e35cfe15 Mon Sep 17 00:00:00 2001 From: Qualys Security Advisory Date: Sun, 21 Feb 2021 18:54:16 -0800 Subject: [PATCH 01/29] CVE-2020-28025: Heap out-of-bounds read in pdkim_finish_bodyhash() --- src/pdkim/pdkim.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/pdkim/pdkim.c b/src/pdkim/pdkim.c index 594af03c5..e203311da 100644 --- a/src/pdkim/pdkim.c +++ b/src/pdkim/pdkim.c @@ -825,7 +825,7 @@ for (sig = ctx->sig; sig; sig = sig->next) /* VERIFICATION --------------------------------------------------------- */ /* Be careful that the header sig included a bodyash */ - if ( sig->bodyhash.data + if (sig->bodyhash.data && sig->bodyhash.len == b->bh.len && memcmp(b->bh.data, sig->bodyhash.data, b->bh.len) == 0) { DEBUG(D_acl) debug_printf("PDKIM [%s] Body hash compared OK\n", sig->domain); @@ -1524,7 +1524,7 @@ for (sig = ctx->sig; sig; sig = sig->next) do this hash incrementally. We don't need the hash we're calculating here for the GnuTLS and OpenSSL cases of RSA signing, since those library routines can do hash-and-sign. - + Some time in the future we could easily avoid doing the hash here for those cases (which will be common for a long while. We could also change from the current copy-all-the-headers-into-one-block, then call the hash-and-sign @@ -1779,7 +1779,7 @@ for (sig = ctx->sig; sig; sig = sig->next) ); goto NEXT_VERIFY; } - + /* Make sure sig uses supported DKIM version (only v1) */ if (sig->version != 1) { -- 2.30.2