#3 yubico-piv-tool-2.3.0-1
Merged 2 years ago by jjelen. Opened 2 years ago by vhanulik.
rpms/ vhanulik/yubico-piv-tool rebase  into  rawhide

file modified
+3
@@ -42,3 +42,6 @@ 

  /yubico-piv-tool-2.2.0.tar.gz.sig

  /yubico-piv-tool-2.2.1.tar.gz

  /yubico-piv-tool-2.2.1.tar.gz.sig

+ /yubico-piv-tool-2.3.0.tar.gz

+ /yubico-piv-tool-2.3.0.tar.gz.sig

+ /gpgkey-9588EA0F.gpg

file modified
+3 -3
@@ -1,3 +1,3 @@ 

- SHA512 (yubico-piv-tool-2.2.1.tar.gz) = 58c43a4583658f91dc1cbd75d66cdd4f3631ea9eb6797892a199f80e48624d9afaa436c200c3054c1f03cb0ffa251dc6ce8a270d8e746447aa1840333141d711

- SHA512 (yubico-piv-tool-2.2.1.tar.gz.sig) = a403a7e73f674670ad41cfff7fb05a0fa5b2f56e222768aec6dd474994fdbcb40f92c415fffc294fa4c65f51843415cca87ee6becd2ad1043a799e839d831c49

- SHA512 (gpgkey-C4686BFE.gpg) = c90ba8f74862762f301ef4832ad2fdfe11589948a26385360204efc3c62f8acd8f8c0756be4c2b4daf2620c49eb9dca654c4ba4c679dfe9fbec54a9da486cb76

+ SHA512 (yubico-piv-tool-2.3.0.tar.gz) = 72125df922e32322563e95286e04d19e56db9c6e66ae9003ae7dfffac47425b8b2bc7c71ecfa603f96f3a24c985fca1f436580dc579ff44196dcde7aeceee7f3

+ SHA512 (yubico-piv-tool-2.3.0.tar.gz.sig) = 845bdc177b7b72aa2be80a836df0cf053c12b8d3dffe828f5fe742699880c1970d1f85fbf014692c9cf4ba31aa6eb1457682db86f2d1bb3ddfc8fca4d64dd56f

+ SHA512 (gpgkey-9588EA0F.gpg) = ff3fb773cf95c8d28fb9630c8525539c7ba497a046292a9eda816dd77c4a8b199b74467c7639bbbb0236e439b4db4d0a8b1694a40b33e074072d3ecac46acd87

@@ -0,0 +1,31 @@ 

+ From c4227d0ddf3892d2c45b9ab52b646832c48625ac Mon Sep 17 00:00:00 2001

+ From: Veronika Hanulikova <vhanulik@redhat.com>

+ Date: Wed, 2 Mar 2022 10:21:39 +0100

+ Subject: [PATCH] Set uninitialized variables

+ 

+ ---

+  ykcs11/tests/ykcs11_tests_util.c | 4 ++--

+  1 file changed, 2 insertions(+), 2 deletions(-)

+ 

+ diff --git a/ykcs11/tests/ykcs11_tests_util.c b/ykcs11/tests/ykcs11_tests_util.c

+ index 77270bd3..e63091e9 100644

+ --- a/ykcs11/tests/ykcs11_tests_util.c

+ +++ b/ykcs11/tests/ykcs11_tests_util.c

+ @@ -281,7 +281,7 @@ void test_digest_func(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_

+    CK_BYTE     digest_update[128] = {0};

+    CK_ULONG    digest_update_len;

+    CK_BYTE     hdata[128] = {0};

+ -  CK_ULONG    hdata_len;

+ +  CK_ULONG    hdata_len = 0;

+  

+    CK_MECHANISM mech = {mech_type, NULL, 0};

+  

+ @@ -1015,7 +1015,7 @@ void test_rsa_sign_thorough(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE sessio

+    EVP_PKEY_CTX *ctx = NULL;

+  

+    CK_BYTE     hdata[512] = {0};

+ -  CK_ULONG    hdata_len;

+ +  CK_ULONG    hdata_len = 0;

+  

+    CK_OBJECT_HANDLE obj_pubkey;

+    CK_MECHANISM mech = {mech_type, NULL, 0};

@@ -0,0 +1,44 @@ 

+ From 07d280a83f5145017de4ebf6a2af21658e22fddf Mon Sep 17 00:00:00 2001

+ From: Veronika Hanulikova <vhanulik@redhat.com>

+ Date: Wed, 2 Mar 2022 10:32:48 +0100

+ Subject: [PATCH] Fix use after free

+ 

+ Causes errors "may be used after 'free'", since

+ `dec` is not allocated again after `free()`.

+ Also, removed assigning of `sizeof(dec)`, because

+ `dec` is not static array, but allocated.

+ ---

+  ykcs11/tests/ykcs11_tests_util.c | 10 ++++++----

+  1 file changed, 6 insertions(+), 4 deletions(-)

+ 

+ diff --git a/ykcs11/tests/ykcs11_tests_util.c b/ykcs11/tests/ykcs11_tests_util.c

+ index e63091e9..530d9028 100644

+ --- a/ykcs11/tests/ykcs11_tests_util.c

+ +++ b/ykcs11/tests/ykcs11_tests_util.c

+ @@ -1193,7 +1193,7 @@ void test_rsa_decrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_

+    CK_BYTE*  data;

+    CK_BYTE   enc[512] = {0};

+    CK_BYTE*  dec;

+ -  CK_ULONG  dec_len;

+ +  CK_ULONG  dec_len, dec_len_backup;

+  

+    if(padding == RSA_NO_PADDING) {

+      data_len = RSA_size(rsak);

+ @@ -1228,12 +1228,14 @@ void test_rsa_decrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_

+        // Decrypt Update

+        asrt(funcs->C_DecryptInit(session, &mech, obj_pvtkey[i]), CKR_OK, "DECRYPT INIT");

+        asrt(funcs->C_Login(session, CKU_CONTEXT_SPECIFIC, (CK_CHAR_PTR)"123456", 6), CKR_OK, "Re-Login USER");

+ -      dec_len = sizeof(dec);

+ +      dec = malloc(dec_len);

+ +      dec_len_backup = dec_len;

+        asrt(funcs->C_DecryptUpdate(session, enc, 100, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");

+ -      dec_len = sizeof(dec);

+ +      dec_len = dec_len_backup;

+        asrt(funcs->C_DecryptUpdate(session, enc+100, 8, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");

+ -      dec_len = sizeof(dec);

+ +      dec_len = dec_len_backup;

+        asrt(funcs->C_DecryptUpdate(session, enc+108, 20, dec, &dec_len), CKR_OK, "DECRYPT UPDATE");

+ +      free(dec);

+        dec_len = 0;

+        asrt(funcs->C_DecryptFinal(session, NULL, &dec_len), CKR_OK, "DECRYPT FINAL");

+        dec = malloc(dec_len);

file modified
+12 -3
@@ -1,15 +1,17 @@ 

  %global __cmake_in_source_build 1

  

  Name:		yubico-piv-tool

- Version:	2.2.1

- Release:	4%{?dist}

+ Version:	2.3.0

+ Release:	1%{?dist}

  Summary:	Tool for interacting with the PIV applet on a YubiKey

  

  License:	GPLv3+

  URL:		https://developers.yubico.com/yubico-piv-tool/

  Source0:	https://developers.yubico.com/yubico-piv-tool/Releases/yubico-piv-tool-%{version}.tar.gz

  Source1:	https://developers.yubico.com/yubico-piv-tool/Releases/yubico-piv-tool-%{version}.tar.gz.sig

- Source2:	gpgkey-C4686BFE.gpg

+ Source2:	gpgkey-9588EA0F.gpg

+ Patch1:		yubico-piv-tool-2.3.0-uninitialized-variables.patch

+ Patch2:		yubico-piv-tool-2.3.0-use-after-free.patch

  

  BuildRequires:  make

  BuildRequires:	pcsc-lite-devel
@@ -43,6 +45,8 @@ 

  %prep

  gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}

  %setup -q

+ %patch1 -p1 -b .uninitialized-variables

+ %patch2 -p1 -b .use-after-free

  

  %build

  %cmake3 .
@@ -84,6 +88,11 @@ 

  

  

  %changelog

+ * Wed Mar 04 2022 Veronika Hanulikova <vhanulik@redhat.com> - 2.3.0-1

+ - New upstream release (#2059540)

+ - Initialize maybe-uninitialized variables

+ - Fix usage of pointer after free

+ 

  * Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.1-4

  - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild