diff options
Diffstat (limited to '0028-CVE-2023-0286-Fix-GENERAL_NAME_cmp-for-x400Address-1.patch')
| -rw-r--r-- | 0028-CVE-2023-0286-Fix-GENERAL_NAME_cmp-for-x400Address-1.patch | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/0028-CVE-2023-0286-Fix-GENERAL_NAME_cmp-for-x400Address-1.patch b/0028-CVE-2023-0286-Fix-GENERAL_NAME_cmp-for-x400Address-1.patch new file mode 100644 index 0000000..24e3c8a --- /dev/null +++ b/0028-CVE-2023-0286-Fix-GENERAL_NAME_cmp-for-x400Address-1.patch @@ -0,0 +1,41 @@ +From 7553d2119f3c899f779eaacafff63feaa843814a Mon Sep 17 00:00:00 2001 +From: s00803682 <shaodenghui@huawei.com> +Date: Sat, 25 Feb 2023 18:22:13 +0800 +Subject: [PATCH] CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address (1.1.1) + +REF: https://github.com/openssl/openssl/commit/2c6c9d439b484e1ba9830d8454a34fa4f80fdfe9 +Signed-off-by: chenhuiying <chenhuiying4@huawei.com> +--- + CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_genn.c | 2 +- + CryptoPkg/Library/OpensslLib/openssl/include/openssl/x509v3.h | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_genn.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_genn.c +index 23778e2..12ce733 100644 +--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_genn.c ++++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_genn.c +@@ -97,7 +97,7 @@ int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) + return -1; + switch (a->type) { + case GEN_X400: +- result = ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address); ++ result = ASN1_STRING_cmp(a->d.x400Address, b->d.x400Address); + break; + + case GEN_EDIPARTY: +diff --git a/CryptoPkg/Library/OpensslLib/openssl/include/openssl/x509v3.h b/CryptoPkg/Library/OpensslLib/openssl/include/openssl/x509v3.h +index 6c6eca3..b80438d 100644 +--- a/CryptoPkg/Library/OpensslLib/openssl/include/openssl/x509v3.h ++++ b/CryptoPkg/Library/OpensslLib/openssl/include/openssl/x509v3.h +@@ -136,7 +136,7 @@ typedef struct GENERAL_NAME_st { + OTHERNAME *otherName; /* otherName */ + ASN1_IA5STRING *rfc822Name; + ASN1_IA5STRING *dNSName; +- ASN1_TYPE *x400Address; ++ ASN1_STRING *x400Address; + X509_NAME *directoryName; + EDIPARTYNAME *ediPartyName; + ASN1_IA5STRING *uniformResourceIdentifier; +-- +2.27.0 + |