Blame SOURCES/openssl-1.0.2k-cve-2017-3736.patch
|
|
fd2893 |
From 38d600147331d36e74174ebbd4008b63188b321b Mon Sep 17 00:00:00 2001
|
|
|
fd2893 |
From: Andy Polyakov <appro@openssl.org>
|
|
|
fd2893 |
Date: Thu, 17 Aug 2017 21:08:57 +0200
|
|
|
fd2893 |
Subject: [PATCH] bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqrx8x_internal.
|
|
|
fd2893 |
|
|
|
fd2893 |
Credit to OSS-Fuzz for finding this.
|
|
|
fd2893 |
|
|
|
fd2893 |
CVE-2017-3736
|
|
|
fd2893 |
|
|
|
fd2893 |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
fd2893 |
---
|
|
|
fd2893 |
crypto/bn/asm/x86_64-mont5.pl | 12 ++++++++++--
|
|
|
fd2893 |
1 file changed, 10 insertions(+), 2 deletions(-)
|
|
|
fd2893 |
|
|
|
fd2893 |
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
|
|
|
fd2893 |
index 3bb0cdf..42178e4 100755
|
|
|
fd2893 |
--- a/crypto/bn/asm/x86_64-mont5.pl
|
|
|
fd2893 |
+++ b/crypto/bn/asm/x86_64-mont5.pl
|
|
|
fd2893 |
@@ -3090,11 +3090,19 @@ $code.=<<___;
|
|
|
fd2893 |
|
|
|
fd2893 |
.align 32
|
|
|
fd2893 |
.Lsqrx8x_break:
|
|
|
fd2893 |
- sub 16+8(%rsp),%r8 # consume last carry
|
|
|
fd2893 |
+ xor $zero,$zero
|
|
|
fd2893 |
+ sub 16+8(%rsp),%rbx # mov 16(%rsp),%cf
|
|
|
fd2893 |
+ adcx $zero,%r8
|
|
|
fd2893 |
mov 24+8(%rsp),$carry # initial $tptr, borrow $carry
|
|
|
fd2893 |
+ adcx $zero,%r9
|
|
|
fd2893 |
mov 0*8($aptr),%rdx # a[8], modulo-scheduled
|
|
|
fd2893 |
- xor %ebp,%ebp # xor $zero,$zero
|
|
|
fd2893 |
+ adc \$0,%r10
|
|
|
fd2893 |
mov %r8,0*8($tptr)
|
|
|
fd2893 |
+ adc \$0,%r11
|
|
|
fd2893 |
+ adc \$0,%r12
|
|
|
fd2893 |
+ adc \$0,%r13
|
|
|
fd2893 |
+ adc \$0,%r14
|
|
|
fd2893 |
+ adc \$0,%r15
|
|
|
fd2893 |
cmp $carry,$tptr # cf=0, of=0
|
|
|
fd2893 |
je .Lsqrx8x_outer_loop
|
|
|
fd2893 |
|
|
|
fd2893 |
--
|
|
|
fd2893 |
2.9.5
|
|
|
fd2893 |
|