Your message dated Thu, 06 Jul 2017 16:51:07 +0000 with message-id <[email protected]> and subject line Bug#866964: fixed in libgcrypt20 1.7.8-2 has caused the Debian Bug report #866964, regarding libgcrypt20: mpi_set_secure leads to heap corruption to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.)

--
866964: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866964
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---Package: libgcrypt20 Version: 1.7.6-2+deb9u1 Severity: normal Tags: patch The function `mpi_set_secure' is used by `gcry_mpi_set_flag' to convert an integer so as to use `secure' (i.e., locked, non-swappable) memory. It's broken. The code in 1.7.8 (sid) is the same, so that's broken too. The code allocates enough secure memory for the active limbs, copies them from the existing buffer, and stores a pointer to the new buffer -- all without reducing the separate count of the number of allocated limbs. In particular, when the securified integer is freed, `_gcry_mpi_free' calls `_gcry_mpi_free_limb_space' to release the limb buffer, giving it the allocated size, and the latter attempts to zeroize the storage, leading to a heap corruption. The patch fixes the problem. I've not thought deeply about the performance effects: maybe it'd be better to allocate the same total limb buffer rather than just the active size, but this patch is simple and obviously right. diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c index 6dee0b9..2a32d26 100644 --- a/mpi/mpiutil.c +++ b/mpi/mpiutil.c @@ -260,6 +260,7 @@ mpi_set_secure( gcry_mpi_t a ) MPN_COPY( bp, ap, a->nlimbs ); a->d = bp; _gcry_mpi_free_limb_space (ap, a->alloced); + a->alloced = a->nlimbs; } -- System Information: Debian Release: 9.0 APT prefers stable APT policy: (990, 'stable') Architecture: i386 (i686) Foreign Architectures: amd64 Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages libgcrypt20 depends on: ii libc6 2.24-11+deb9u1 ii libgpg-error0 1.26-2 libgcrypt20 recommends no packages. Versions of packages libgcrypt20 suggests: pn rng-tools <none> -- no debconf information
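Review bot: the added `a->alloced = a->nlimbs;` at the end of mpi_set_secure shrinks the recorded capacity to the active size, so any spare limbs the integer had before the call are given up and a later operation that grows it has to reallocate. The alternative is to size the new buffer `bp` by `a->alloced` and leave the count alone, which the report itself raises as an open performance question. Either way, a short comment on this line stating that `a->alloced` must always match the size of the buffer `a->d` points to, because `_gcry_mpi_free_limb_space` wipes that many limbs, would keep the invariant visible to the next person editing this function. Placing the assignment after the `_gcry_mpi_free_limb_space (ap, a->alloced)` call is correct, since the old buffer has to be released with its old size.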
--- End Message ---
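The size mismatch described in the report, as an added example that is not libgcrypt code and not part of the original message: a toy model in which `toy_mpi`, `toy_set_secure`, `toy_free` and the `real` bookkeeping field are hypothetical names, and plain heap memory stands in for secure memory. The free path reports how many limbs its wipe would write past the buffer instead of performing the overrun.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef unsigned long limb_t;

/* Toy stand-in for an MPI: only the fields the report talks about. */
struct toy_mpi {
    limb_t *d;       /* limb buffer */
    size_t alloced;  /* limbs the library believes d can hold */
    size_t nlimbs;   /* limbs actually in use */
    size_t real;     /* true size of d in limbs (demo bookkeeping only) */
};

static int toy_init(struct toy_mpi *a, size_t alloced, size_t nlimbs) {
    a->d = calloc(alloced, sizeof(limb_t));
    if (!a->d) return -1;
    a->alloced = a->real = alloced;
    a->nlimbs = nlimbs;
    return 0;
}

/* Models the conversion: the new buffer is sized for the active limbs.
   fix != 0 applies the one-line patch from the report. */
static int toy_set_secure(struct toy_mpi *a, int fix) {
    size_t n = a->nlimbs ? a->nlimbs : 1;
    limb_t *bp = calloc(n, sizeof(limb_t));
    if (!bp) return -1;
    memcpy(bp, a->d, a->nlimbs * sizeof(limb_t));
    memset(a->d, 0, a->alloced * sizeof(limb_t)); /* old size, old buffer */
    free(a->d);
    a->d = bp;
    a->real = n;
    if (fix) a->alloced = a->nlimbs;
    return 0;
}

/* Models the free path, which wipes `alloced` limbs. Returns how many
   limbs that wipe would overrun; the wipe is skipped when nonzero. */
static size_t toy_free(struct toy_mpi *a) {
    size_t over = a->alloced > a->real ? a->alloced - a->real : 0;
    if (!over) memset(a->d, 0, a->alloced * sizeof(limb_t));
    free(a->d);
    a->d = NULL;
    return over;
}

static size_t demo(int fix) {
    struct toy_mpi a;
    if (toy_init(&a, 8, 3)) return (size_t)-1;  /* constructed sizes */
    if (toy_set_secure(&a, fix)) { free(a.d); return (size_t)-1; }
    return toy_free(&a);
}

int main(void) {
    printf("unpatched: %zu limbs over, patched: %zu\n", demo(0), demo(1));
    return 0;
}
```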
--- Begin Message ---
Source: libgcrypt20
Source-Version: 1.7.8-2

We believe that the bug you reported is fixed in the latest version of libgcrypt20, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler <[email protected]> (supplier of updated libgcrypt20 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected])

Format: 1.8
Date: Thu, 06 Jul 2017 18:16:23 +0200
Source: libgcrypt20
Binary: libgcrypt20-doc libgcrypt20-dev libgcrypt20 libgcrypt20-udeb libgcrypt11-dev libgcrypt-mingw-w64-dev
Architecture: source
Version: 1.7.8-2
Distribution: unstable
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <[email protected]>
Changed-By: Andreas Metzler <[email protected]>
Closes: 866964
Description:
 libgcrypt11-dev - transitional libgcrypt11-dev package
 libgcrypt20-dev - LGPL Crypto library - development files
 libgcrypt20-doc - LGPL Crypto library - documentation
 libgcrypt20 - LGPL Crypto library - runtime library
 libgcrypt20-udeb - LGPL Crypto library - runtime library (udeb)
 libgcrypt-mingw-w64-dev - LGPL Crypto library - Windows development
Changes:
 libgcrypt20 (1.7.8-2) unstable; urgency=medium
 .
   * 30_mpi-Fix-mpi_set_secure.patch from upstream LIBGCRYPT-1-7-BRANCH: Fix
     memory allocation in mpi_set_secure. Closes: #866964
   * Drop override_dh_strip from debian/rules.
--- End Message ---

