On Mon, Aug 22, 2016 at 06:15:33PM +1000, Brian May wrote:
> Brian May <b...@debian.org> writes:
>
> > I will have a look and see if I can hack^h^h^h^hpatch the Debian package
> > to include the above security fix; although I don't have any exploits
> > test it with.
>
> Ok, I have attached my proposed debdiff patch. It builds using sbuild. I
> haven't claimed this package, and unlikely to have time to continue this
> month. So if anybody wants to take over before then, feel free to do so.
> --
> Brian May <b...@debian.org>
> diff -u matrixssl-1.8.8/debian/changelog matrixssl-1.8.8/debian/changelog
> --- matrixssl-1.8.8/debian/changelog
> +++ matrixssl-1.8.8/debian/changelog
> @@ -1,3 +1,10 @@
> +matrixssl (1.8.8-1+deb7u1) wheezy-security; urgency=high
> +
> + * Non-maintainer upload by the LTS Team.
> + * Fix integer overflow in bn_reverse.
> +
> + -- Brian May <b...@debian.org> Mon, 22 Aug 2016 18:09:05 +1000
> +
> matrixssl (1.8.8-1) unstable; urgency=high
>
> * new upstream version.
> diff -u matrixssl-1.8.8/debian/control matrixssl-1.8.8/debian/control
> --- matrixssl-1.8.8/debian/control
> +++ matrixssl-1.8.8/debian/control
> @@ -2,7 +2,7 @@
> Priority: optional
> Section: libs
> Maintainer: Gerrit Pape <p...@smarden.org>
> -Build-Depends: dietlibc-dev [alpha amd64 arm hppa i386 ia64 mips mipsel
> powerpc ppc64 s390 sparc]
> +Build-Depends: dietlibc-dev [alpha amd64 arm hppa i386 ia64 mips mipsel
> powerpc ppc64 s390 sparc], quilt
> Standards-Version: 3.8.0.1
>
> Package: libmatrixssl1.8-dev
> diff -u matrixssl-1.8.8/debian/rules matrixssl-1.8.8/debian/rules
> --- matrixssl-1.8.8/debian/rules
> +++ matrixssl-1.8.8/debian/rules
> @@ -28,6 +28,7 @@
> DIR =$(shell pwd)/debian/libmatrixssl$(SOVER)
>
> unpack: deb-checkdir unpack-gnu-stamp unpack-diet-stamp
> + quilt push -a
> unpack-gnu-stamp:
> mkdir -p gnu/static gnu/shared
> (cd gnu/static && tar xzf - && ln -s matrixssl* matrixssl) <'$(TARGZ)'
> @@ -61,6 +62,7 @@
> touch build-diet-stamp
>
> clean: deb-checkdir deb-checkuid
> + quilt pop -a || true
> rm -rf gnu diet examples
> rm -f unpack-gnu-stamp unpack-diet-stamp build-gnu-stamp \
> build-diet-stamp
> only in patch2:
> unchanged:
> --- matrixssl-1.8.8.orig/.pc/.quilt_patches
> +++ matrixssl-1.8.8/.pc/.quilt_patches
> @@ -0,0 +1 @@
> +debian/patches
> only in patch2:
> unchanged:
> --- matrixssl-1.8.8.orig/.pc/.quilt_series
> +++ matrixssl-1.8.8/.pc/.quilt_series
> @@ -0,0 +1 @@
> +series
> only in patch2:
> unchanged:
> --- matrixssl-1.8.8.orig/.pc/.version
> +++ matrixssl-1.8.8/.pc/.version
> @@ -0,0 +1 @@
> +2
> only in patch2:
> unchanged:
> --- matrixssl-1.8.8.orig/debian/patches/fix-bn_reverse.patch
> +++ matrixssl-1.8.8/debian/patches/fix-bn_reverse.patch
> @@ -0,0 +1,36 @@
> +--- a/diet/matrixssl-1-8-8-open/src/crypto/peersec/mpi.c
> ++++ b/diet/matrixssl-1-8-8-open/src/crypto/peersec/mpi.c
> +@@ -945,6 +945,9 @@
> + int32 ix, iy;
> + unsigned char t;
> +
> ++ if (len == 0) {
> ++ return;
> ++ }
> + ix = 0;
> + iy = len - 1;
> + while (ix < iy) {
> +--- a/gnu/shared/matrixssl-1-8-8-open/src/crypto/peersec/mpi.c
> ++++ b/gnu/shared/matrixssl-1-8-8-open/src/crypto/peersec/mpi.c
> +@@ -945,6 +945,9 @@
> + int32 ix, iy;
> + unsigned char t;
> +
> ++ if (len == 0) {
> ++ return;
> ++ }
> + ix = 0;
> + iy = len - 1;
> + while (ix < iy) {
> +--- a/gnu/static/matrixssl-1-8-8-open/src/crypto/peersec/mpi.c
> ++++ b/gnu/static/matrixssl-1-8-8-open/src/crypto/peersec/mpi.c
> +@@ -945,6 +945,9 @@
> + int32 ix, iy;
> + unsigned char t;
> +
> ++ if (len == 0) {
> ++ return;
> ++ }
> + ix = 0;
> + iy = len - 1;
> + while (ix < iy) {
> only in patch2:
> unchanged:
> --- matrixssl-1.8.8.orig/debian/patches/series
> +++ matrixssl-1.8.8/debian/patches/series
> @@ -0,0 +1 @@
> +fix-bn_reverse.patch
Having the same hunk three times isn't pretty but I don't have a great
idea how this can be done better in the current packaging either.
Did you try to reproduce the crash mentioned in the CVE details?
Cheers,
-- Guido
