simon-git: putty (master): Simon Tatham

Commits to Tartarus hosted VCS tartarus-commits at lists.tartarus.org
Sun Apr 28 10:04:59 BST 2019 

TL;DR:
  4b8aad76 Fix assertion failure in rsa_verify.
  4d0c2ca9 testcrypt: refactor return_opt_foo functions.
  e9e800c7 testcrypt: allow ssh_key constructors to fail.
  1cd935e6 cryptsuite: add a test of rsa_verify.
  eecefcb2 sshzlib: tighten up handling of invalid symbol codes.
  77aff29e Fix a benign buffer overrun in sshzlib.c.

Repository:     https://git.tartarus.org/simon/putty.git
On the web:     https://git.tartarus.org/?p=simon/putty.git
Branch updated: master
Committer:      Simon Tatham <anakin at pobox.com>
Date:           2019-04-28 10:04:59

commit 4b8aad76f8d545032a7824398695e7fdcd226ba6
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4b8aad76f8d545032a7824398695e7fdcd226ba6;hp=5f204d1ef1a229f1d962eaeb2bfe0c5e2614acd4
Author: Simon Tatham <anakin at pobox.com>
Date:   Sun Apr 28 09:59:28 2019 +0100

    Fix assertion failure in rsa_verify.
    
    If a malformed private key (received through any channel, whether
    loaded from a disk file or over the wire by Pageant) specifies either
    of the modulus's prime factors p or q as 1, then when rsa_verify tries
    to check that e*d is congruent to 1 mod (p-1) and mod (q-1), that
    check will involve a division by zero, which in this context means
    failing an assertion in mp_divmod.
    
    We were already doing a preliminary check that neither of p and q was
    actually zero. Now that check is strengthened to check that p-1 and
    q-1 are not zero either.

 sshrsa.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

commit 4d0c2ca90f56a4748a3fa78fca1fd672882fa367
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4d0c2ca90f56a4748a3fa78fca1fd672882fa367;hp=4b8aad76f8d545032a7824398695e7fdcd226ba6
Author: Simon Tatham <anakin at pobox.com>
Date:   Sun Apr 28 09:59:28 2019 +0100

    testcrypt: refactor return_opt_foo functions.
    
    There are already three tediously similar functions that wrap a NULL
    check around some existing function to return one or another kind of
    pointer, and I'm about to want to add another one. Make a macro so
    that it's easy to make more functions identical to these three.

 testcrypt.c | 33 +++++++++++----------------------
 1 file changed, 11 insertions(+), 22 deletions(-)

commit e9e800c77385f86171387b29c8a686b3d4c095c5
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=e9e800c77385f86171387b29c8a686b3d4c095c5;hp=4d0c2ca90f56a4748a3fa78fca1fd672882fa367
Author: Simon Tatham <anakin at pobox.com>
Date:   Sun Apr 28 09:59:28 2019 +0100

    testcrypt: allow ssh_key constructors to fail.
    
    If key decoding or verification fails, those functions can return
    NULL. Recognise that in the testcrypt API, so that I can test them.

 testcrypt.c | 1 +
 testcrypt.h | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

commit 1cd935e6c9491b0859673afffe2a8de11c9ed915
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=1cd935e6c9491b0859673afffe2a8de11c9ed915;hp=e9e800c77385f86171387b29c8a686b3d4c095c5
Author: Simon Tatham <anakin at pobox.com>
Date:   Sun Apr 28 09:59:28 2019 +0100

    cryptsuite: add a test of rsa_verify.
    
    This includes a regression test for the p=1 bug I just fixed, and also
    adds some more basic tests just because it seemed silly not to.

 test/cryptsuite.py | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)

commit eecefcb23cb8db466d18ffdd7818b9c40cdad59e
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=eecefcb23cb8db466d18ffdd7818b9c40cdad59e;hp=1cd935e6c9491b0859673afffe2a8de11c9ed915
Author: Simon Tatham <anakin at pobox.com>
Date:   Sun Apr 28 10:02:17 2019 +0100

    sshzlib: tighten up handling of invalid symbol codes.
    
    In Deflate, both the literal/length and distance Huffman trees are
    physically capable of encoding two symbol ids beyond the number that
    the spec assigns any actual meaning to: a compressed block header can
    specify code lengths for those two extra symbols if it wants to, in
    which case those codes will be added to the Huffman tree (in
    particular, will affect the encoding of everything else), but then
    should not actually use those codes.
    
    Our zlib decoder was silently ignoring the two invalid codes in the
    literal/length tree, but treating the two invalid codes in the
    distance tree as a fatal decoding error. That seems inconsistent. Now
    we treat both as fatal decode errors.

 sshzlib.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

commit 77aff29e18fda1880e197fd30f13c3fe5085d9bf
web diff https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=77aff29e18fda1880e197fd30f13c3fe5085d9bf;hp=eecefcb23cb8db466d18ffdd7818b9c40cdad59e
Author: Simon Tatham <anakin at pobox.com>
Date:   Sun Apr 28 09:59:28 2019 +0100

    Fix a benign buffer overrun in sshzlib.c.
    
    The structure field 'lengths' in 'struct zlib_decompress_ctx' was the
    right length for the amount of data you might _sensibly_ want to put
    in it, but two bytes shorter than the amount that the compressed block
    header allows someone to _physically_ try to put into it. Now it has
    the full maximum length.
    
    The previous overrun could only reach two bytes beyond the end of the
    array, and in every target architecture I know of, those two bytes
    would have been structure padding, so it wasn't causing any real trouble.

 sshzlib.c | 46 +++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 45 insertions(+), 1 deletion(-)

More information about the tartarus-commits mailing list