master

分支 (17)

标签 (15)

管理

管理

master

tmp

openEuler-22.03-LTS-Next

openEuler-22.03-LTS

openEuler-22.03-LTS-SP1

openEuler-20.03-LTS-SP1

openEuler-20.03-LTS-SP3

openEuler-23.03

openEuler-22.09

openEuler-20.03-LTS-Next

openEuler-20.03-LTS-SP2

openEuler-20.03-LTS

openEuler-21.03

openEuler-20.09

openEuler-21.09

openEuler1.0

openEuler1.0-base

openEuler-22.03-LTS-SP1-release

openEuler-22.09-release

openEuler-22.09-rc5

openEuler-22.09-20220829

openEuler-22.03-LTS-20220331

openEuler-22.03-LTS-round5

openEuler-22.03-LTS-round3

openEuler-22.03-LTS-round2

openEuler-22.03-LTS-round1

openEuler-20.03-LTS-SP3-release

openEuler-20.03-LTS-SP2-20210624

openEuler-21.03-20210330

openEuler-20.09-20200929

openEuler-20.03-LTS-20200606

openEuler-20.03-LTS-tag

edk2
/
0028-CVE-2023-0286-Fix-GENERAL_NAME_c...

From 7553d2119f3c899f779eaacafff63feaa843814a Mon Sep 17 00:00:00 2001
From: s00803682 <shaodenghui@huawei.com>
Date: Sat, 25 Feb 2023 18:22:13 +0800
Subject: [PATCH] CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address (1.1.1)

REF: https://github.com/openssl/openssl/commit/2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9
Signed-off-by: chenhuiying <chenhuiying4@huawei.com>
---
 CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_genn.c  | 2 +-
 CryptoPkg/Library/OpensslLib/openssl/include/openssl/x509v3.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_genn.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_genn.c
index 23778e2..12ce733 100644
--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_genn.c
+++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_genn.c
@@ -97,7 +97,7 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
         return -1;
     switch (a->type) {
     case GEN_X400:
-        result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
+        result = ASN1_STRING_cmp(a->d.x400Address, b->d.x400Address);
         break;

     case GEN_EDIPARTY:
diff --git a/CryptoPkg/Library/OpensslLib/openssl/include/openssl/x509v3.h b/CryptoPkg/Library/OpensslLib/openssl/include/openssl/x509v3.h
index 6c6eca3..b80438d 100644
--- a/CryptoPkg/Library/OpensslLib/openssl/include/openssl/x509v3.h
+++ b/CryptoPkg/Library/OpensslLib/openssl/include/openssl/x509v3.h
@@ -136,7 +136,7 @@ typedef struct GENERAL_NAME_st {
         OTHERNAME *otherName;   /* otherName */
         ASN1_IA5STRING *rfc822Name;
         ASN1_IA5STRING *dNSName;
-        ASN1_TYPE *x400Address;
+        ASN1_STRING *x400Address;
         X509_NAME *directoryName;
         EDIPARTYNAME *ediPartyName;
         ASN1_IA5STRING *uniformResourceIdentifier;
--
2.27.0