diff options
Diffstat (limited to 'debian/patches/84_01-CVE-2020-28025-Heap-out-of-bounds-read-in-pdkim_fini.patch')
| -rw-r--r-- | debian/patches/84_01-CVE-2020-28025-Heap-out-of-bounds-read-in-pdkim_fini.patch | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/debian/patches/84_01-CVE-2020-28025-Heap-out-of-bounds-read-in-pdkim_fini.patch b/debian/patches/84_01-CVE-2020-28025-Heap-out-of-bounds-read-in-pdkim_fini.patch new file mode 100644 index 0000000..7c79753 --- /dev/null +++ b/debian/patches/84_01-CVE-2020-28025-Heap-out-of-bounds-read-in-pdkim_fini.patch @@ -0,0 +1,44 @@ +From 9db12ffa00aa1dcbe60eec543307f405e35cfe15 Mon Sep 17 00:00:00 2001 +From: Qualys Security Advisory <qsa@qualys.com> +Date: Sun, 21 Feb 2021 18:54:16 -0800 +Subject: [PATCH 01/29] CVE-2020-28025: Heap out-of-bounds read in + pdkim_finish_bodyhash() + +--- + src/pdkim/pdkim.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/pdkim/pdkim.c b/src/pdkim/pdkim.c +index 594af03c5..e203311da 100644 +--- a/src/pdkim/pdkim.c ++++ b/src/pdkim/pdkim.c +@@ -825,7 +825,7 @@ for (sig = ctx->sig; sig; sig = sig->next) + /* VERIFICATION --------------------------------------------------------- */ + /* Be careful that the header sig included a bodyash */ + +- if ( sig->bodyhash.data ++ if (sig->bodyhash.data && sig->bodyhash.len == b->bh.len + && memcmp(b->bh.data, sig->bodyhash.data, b->bh.len) == 0) + { + DEBUG(D_acl) debug_printf("PDKIM [%s] Body hash compared OK\n", sig->domain); +@@ -1524,7 +1524,7 @@ for (sig = ctx->sig; sig; sig = sig->next) + do this hash incrementally. + We don't need the hash we're calculating here for the GnuTLS and OpenSSL + cases of RSA signing, since those library routines can do hash-and-sign. +- ++ + Some time in the future we could easily avoid doing the hash here for those + cases (which will be common for a long while. We could also change from + the current copy-all-the-headers-into-one-block, then call the hash-and-sign +@@ -1779,7 +1779,7 @@ for (sig = ctx->sig; sig; sig = sig->next) + ); + goto NEXT_VERIFY; + } +- ++ + /* Make sure sig uses supported DKIM version (only v1) */ + if (sig->version != 1) + { +-- +2.30.2 + |