From 8ed152db7f9683ded46163593d52b913071f765e Mon Sep 17 00:00:00 2001
From: hmilylmk
Date: Tue, 27 Sep 2022 19:53:45 +0800
Subject: [PATCH] dsoftbus: add CVE-2020-36477 patch

* backport CVE-2020-36477 patch from OpenHarmony

Signed-off-by: hmilylmk
---
 .../mbedtls/0004-CVE-2020-36477.patch | 89 +++++++++++++++++++
 1 file changed, 89 insertions(+)
 create mode 100644 dsoftbus/third_party/mbedtls/0004-CVE-2020-36477.patch

diff --git a/dsoftbus/third_party/mbedtls/0004-CVE-2020-36477.patch b/dsoftbus/third_party/mbedtls/0004-CVE-2020-36477.patch
new file mode 100644
index 00000000..30539343
--- /dev/null
+++ b/dsoftbus/third_party/mbedtls/0004-CVE-2020-36477.patch
@@ -0,0 +1,89 @@
+From 533328f6a4d5af8b5c7428919920f314ab9b14f9 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E6=AF=9B=E5=AE=87=E9=94=8B?=
+Date: Tue, 27 Sep 2022 07:04:14 +0000
+Subject: [PATCH 2/2] =?UTF-8?q?=E4=BF=AE=E5=A4=8DCVE-2020-36477?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: 毛宇锋
+---
+ include/mbedtls/x509.h | 22 ++++++++++++++++++++++
+ library/x509_crt.c | 21 ++++++++++++++++++++-
+ 2 files changed, 42 insertions(+), 1 deletion(-)
+
+diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
+index 5bb9b00..87243c6 100755
+--- a/include/mbedtls/x509.h
++++ b/include/mbedtls/x509.h
+@@ -131,6 +131,28 @@
+ #define MBEDTLS_X509_BADCRL_BAD_PK 0x040000 /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
+ #define MBEDTLS_X509_BADCRL_BAD_KEY 0x080000 /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short). */
+ 
++/*
++ * X.509 v3 Subject Alternative Name types.
++ * otherName [0] OtherName,
++ * rfc822Name [1] IA5String,
++ * dNSName [2] IA5String,
++ * x400Address [3] ORAddress,
++ * directoryName [4] Name,
++ * ediPartyName [5] EDIPartyName,
++ * uniformResourceIdentifier [6] IA5String,
++ * iPAddress [7] OCTET STRING,
++ * registeredID [8] OBJECT IDENTIFIER
++ */
++#define MBEDTLS_X509_SAN_OTHER_NAME 0
++#define MBEDTLS_X509_SAN_RFC822_NAME 1
++#define MBEDTLS_X509_SAN_DNS_NAME 2
++#define MBEDTLS_X509_SAN_X400_ADDRESS_NAME 3
++#define MBEDTLS_X509_SAN_DIRECTORY_NAME 4
++#define MBEDTLS_X509_SAN_EDI_PARTY_NAME 5
++#define MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER 6
++#define MBEDTLS_X509_SAN_IP_ADDRESS 7
++#define MBEDTLS_X509_SAN_REGISTERED_ID 8
++
+ /* \} name */
+ /* \} addtogroup x509_module */
+ 
+diff --git a/library/x509_crt.c b/library/x509_crt.c
+index 14c53fc..644e71c 100755
+--- a/library/x509_crt.c
++++ b/library/x509_crt.c
+@@ -2452,6 +2452,25 @@ static int x509_crt_check_cn( const mbedtls_x509_buf *name,
+ return( -1 );
+ }
+ 
++/*
++ * Check for SAN match, see RFC 5280 Section 4.2.1.6
++ */
++static int x509_crt_check_san( const mbedtls_x509_buf *name,
++ const char *cn, size_t cn_len )
++{
++ const unsigned char san_type = (unsigned char) name->tag &
++ MBEDTLS_ASN1_TAG_VALUE_MASK;
++
++ /* dNSName */
++ if( san_type == MBEDTLS_X509_SAN_DNS_NAME )
++ return( x509_crt_check_cn( name, cn, cn_len ) );
++
++ /* (We may handle other types here later.) */
++
++ /* Unrecognized type */
++ return( -1 );
++}
++
+ /*
+ * Verify the requested CN - only call this if cn is not NULL!
+ */
+@@ -2467,7 +2486,7 @@ static void x509_crt_verify_name( const mbedtls_x509_crt *crt,
+ {
+ for( cur = &crt->subject_alt_names; cur != NULL; cur = cur->next )
+ {
+- if( x509_crt_check_cn( &cur->buf, cn, cn_len ) == 0 )
++ if( x509_crt_check_san( &cur->buf, cn, cn_len ) == 0 )
+ break;
+ }
+ 
+-- 
+2.32.0
+
-- 
Gitee
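Review bot: The commit adds `0004-CVE-2020-36477.patch` but nothing here shows it being applied: the diffstat lists only the new file, so if the earlier patches in `dsoftbus/third_party/mbedtls/` (presumably 0001–0003) are applied from an explicit list in the build script rather than a directory glob, the fix is inert until that list is updated. The patch content itself has the shape of the upstream fix — `x509_crt_check_san` masks the SAN tag with `MBEDTLS_ASN1_TAG_VALUE_MASK` and forwards only `MBEDTLS_X509_SAN_DNS_NAME` to `x509_crt_check_cn`, so rfc822Name, iPAddress and the other SAN types no longer match the expected hostname in `x509_crt_verify_name` — but it is cut against blobs `5bb9b00` and `14c53fc`, so the hunk offsets `@@ -131,6 +131,28 @@` and `@@ -2452,6 +2452,25 @@` should be confirmed to apply cleanly to the vendored Mbed TLS revision rather than with fuzz, and a build that applies the series should be part of the review. The commit message would also benefit from naming the upstream Mbed TLS fix this is backported from, e.g. `* backport CVE-2020-36477 patch from OpenHarmony (upstream Mbed TLS fix: <commit-or-release>)`, so the backport can be diffed against its source later.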