Fix a NULL dereference in GENERAL_NAME_cmp()libressl-v3.1.5OPENBSD_6_7

Comparing two GENERAL_NAME structures containing an EDIPARTYNAME can lead
to a crash. This enables a denial of service attack for an attacker who can
control both sides of the comparison.

Issue reported to OpenSSL on Nov 9 by David Benjamin.
OpenSSL shared the information with us on Dec 1st.
Fix from Matt Caswell (OpenSSL) with a few small tweaks.

ok jsing

this is errata/6.7/031_asn1.patch.sig

5 files changed, 48 insertions, 5 deletions

diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h
index 0a8da415fb..9cbc21238b 100644
--- a/src/lib/libcrypto/asn1/asn1.h
+++ b/src/lib/libcrypto/asn1/asn1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1.h,v 1.53 2018/11/30 04:51:19 jeremy Exp $ */
+/* $OpenBSD: asn1.h,v 1.53.6.1 2020/12/08 15:10:03 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1137,6 +1137,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_BAD_OBJECT_HEADER                         102
 #define ASN1_R_BAD_PASSWORD_READ                         103
 #define ASN1_R_BAD_TAG                                   104
+#define ASN1_R_BAD_TEMPLATE                              230
 #define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                 214
 #define ASN1_R_BN_LIB                                    105
 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                   106
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c
index 5cc355084f..bfa9fbf0b5 100644
--- a/src/lib/libcrypto/asn1/asn1_err.c
+++ b/src/lib/libcrypto/asn1/asn1_err.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1_err.c,v 1.21 2018/03/29 02:29:24 inoguchi Exp $ */
+/* $OpenBSD: asn1_err.c,v 1.21.8.1 2020/12/08 15:10:03 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -85,6 +85,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
         {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER)    , "bad object header"},
         {ERR_REASON(ASN1_R_BAD_PASSWORD_READ)    , "bad password read"},
         {ERR_REASON(ASN1_R_BAD_TAG)              , "bad tag"},
+        {ERR_REASON(ASN1_R_BAD_TEMPLATE)         , "bad template"},
         {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH), "bmpstring is wrong length"},
         {ERR_REASON(ASN1_R_BN_LIB)               , "bn lib"},
         {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH), "boolean is wrong length"},
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
index 5dc520c428..5d79e6833f 100644
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ b/src/lib/libcrypto/asn1/asn1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1_lib.c,v 1.44 2018/11/17 09:34:11 tb Exp $ */
+/* $OpenBSD: asn1_lib.c,v 1.44.6.1 2020/12/08 15:10:03 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -388,6 +388,8 @@ ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
 {
         int i;
 
+        if (a == NULL || b == NULL)
+                return -1;
         i = (a->length - b->length);
         if (i == 0) {
                 i = memcmp(a->data, b->data, a->length);
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c
index 70dc355ca1..9e6ceacd4a 100644
--- a/src/lib/libcrypto/asn1/tasn_dec.c
+++ b/src/lib/libcrypto/asn1/tasn_dec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_dec.c,v 1.37 2019/04/01 15:48:04 jsing Exp $ */
+/* $OpenBSD: tasn_dec.c,v 1.37.6.1 2020/12/08 15:10:03 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -210,6 +210,16 @@ asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
                 break;
 
         case ASN1_ITYPE_MSTRING:
+                /*
+                 * It never makes sense for multi-strings to have implicit
+                 * tagging, so if tag != -1, then this looks like an error in
+                 * the template.
+                 */
+                if (tag != -1) {
+                        ASN1error(ASN1_R_BAD_TEMPLATE);
+                        goto err;
+                }
+
                 p = *in;
                 /* Just read in tag and class */
                 ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
@@ -245,6 +255,16 @@ asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
                     it, tag, aclass, opt, ctx);
 
         case ASN1_ITYPE_CHOICE:
+                /*
+                 * It never makes sense for CHOICE types to have implicit
+                 * tagging, so if tag != -1, then this looks like an error in
+                 * the template.
+                 */
+                if (tag != -1) {
+                        ASN1error(ASN1_R_BAD_TEMPLATE);
+                        goto err;
+                }
+
                 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
                         goto auxerr;
 
diff --git a/src/lib/libcrypto/asn1/tasn_enc.c b/src/lib/libcrypto/asn1/tasn_enc.c
index d103c4d096..d0a569fd8a 100644
--- a/src/lib/libcrypto/asn1/tasn_enc.c
+++ b/src/lib/libcrypto/asn1/tasn_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_enc.c,v 1.22 2019/04/01 15:48:04 jsing Exp $ */
+/* $OpenBSD: tasn_enc.c,v 1.22.6.1 2020/12/08 15:10:03 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -61,6 +61,7 @@
 
 #include <openssl/asn1.h>
 #include <openssl/asn1t.h>
+#include <openssl/err.h>
 #include <openssl/objects.h>
 
 static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
@@ -152,9 +153,27 @@ ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
                 break;
 
         case ASN1_ITYPE_MSTRING:
+                /*
+                 * It never makes sense for multi-strings to have implicit
+                 * tagging, so if tag != -1, then this looks like an error in
+                 * the template.
+                 */
+                if (tag != -1) {
+                        ASN1error(ASN1_R_BAD_TEMPLATE);
+                        return 0;
+                }
                 return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
 
         case ASN1_ITYPE_CHOICE:
+                /*
+                 * It never makes sense for CHOICE types to have implicit
+                 * tagging, so if tag != -1, then this looks like an error in
+                 * the template.
+                 */
+                if (tag != -1) {
+                        ASN1error(ASN1_R_BAD_TEMPLATE);
+                        return 0;
+                }
                 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
                         return 0;
                 i = asn1_get_choice_selector(pval, it);