From 9db12ffa00aa1dcbe60eec543307f405e35cfe15 Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory <qsa@qualys.com>
Date: Sun, 21 Feb 2021 18:54:16 -0800
Subject: [PATCH 01/29] CVE-2020-28025: Heap out-of-bounds read in
pdkim_finish_bodyhash()
---
src/pdkim/pdkim.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/pdkim/pdkim.c b/src/pdkim/pdkim.c
index 594af03c5..e203311da 100644
--- a/src/pdkim/pdkim.c
+++ b/src/pdkim/pdkim.c
@@ -825,7 +825,7 @@ for (sig = ctx->sig; sig; sig = sig->next)
/* VERIFICATION --------------------------------------------------------- */
/* Be careful that the header sig included a bodyash */
- if ( sig->bodyhash.data
+ if (sig->bodyhash.data && sig->bodyhash.len == b->bh.len
&& memcmp(b->bh.data, sig->bodyhash.data, b->bh.len) == 0)
{
DEBUG(D_acl) debug_printf("PDKIM [%s] Body hash compared OK\n", sig->domain);
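Review bot: The comment above the condition does not explain why the new length comparison is there, and it still carries the typo "bodyash". Going by that comment, `sig->bodyhash` is taken from the signature header, so its length is set by the sender, while `memcmp()` reads `b->bh.len` bytes from it. I would record this next to the check, e.g. `/* sig->bodyhash comes from the header and may be shorter than the computed hash: compare lengths before memcmp() */`. The rewritten line also changes `if ( sig->bodyhash.data` to `if (sig->bodyhash.data && ...`, which departs from the one-condition-per-line layout the continuation line still uses. The enclosing `for` loop starts and ends outside this hunk, so the branch taken on a length mismatch cannot be checked from here.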
@@ -1524,7 +1524,7 @@ for (sig = ctx->sig; sig; sig = sig->next)
do this hash incrementally.
We don't need the hash we're calculating here for the GnuTLS and OpenSSL
cases of RSA signing, since those library routines can do hash-and-sign.
-
+
Some time in the future we could easily avoid doing the hash here for those
cases (which will be common for a long while. We could also change from
the current copy-all-the-headers-into-one-block, then call the hash-and-sign
@@ -1779,7 +1779,7 @@ for (sig = ctx->sig; sig; sig = sig->next)
);
goto NEXT_VERIFY;
}
-
+
/* Make sure sig uses supported DKIM version (only v1) */
if (sig->version != 1)
{
--
2.30.2