Enclosed are patches for today's OpenSSL security alert which apply to other versions. The patch for 0.9.7 is supplied by Ben Laurie <benat_private> and the remainder by Vincent Danen (email not supplied). Patches are for 0.9.5a, 0.9.6 (use 0.9.6b patch), 0.9.6b, 0.9.6c, 0.9.7-dev. These patches are known to apply correctly but have not been thoroughly tested. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ Available for contract work. "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --- crypto/cryptlib.c.orig Fri Nov 23 13:57:59 2001 +++ crypto/cryptlib.c Fri Jul 26 10:43:56 2002 @@ -491,3 +491,11 @@ #endif #endif + +void OpenSSLDie(const char *file,int line,const char *assertion) + { + fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n", + file,line,assertion); + abort(); + } + --- crypto/cryptlib.h.orig Tue May 2 06:35:04 2000 +++ crypto/cryptlib.h Fri Jul 26 10:43:56 2002 @@ -89,6 +89,14 @@ #define X509_CERT_DIR_EVP "SSL_CERT_DIR" #define X509_CERT_FILE_EVP "SSL_CERT_FILE" +/* size of string represenations */ +#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) +#define HEX_SIZE(type) ((sizeof(type)*2) + +/* die if we have to */ +void OpenSSLDie(const char *file,int line,const char *assertion); +#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e)) + #ifdef __cplusplus } #endif --- crypto/asn1/asn1_lib.c.orig Fri Mar 30 06:42:32 2001 +++ crypto/asn1/asn1_lib.c Fri Jul 26 10:43:56 2002 @@ -407,7 +407,7 @@ void asn1_add_error(unsigned char *address, int offset) { - char buf1[16],buf2[16]; + char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; sprintf(buf1,"%lu",(unsigned long)address); sprintf(buf2,"%d",offset); --- crypto/conf/conf.c.orig Sun Jan 30 15:19:51 2000 +++ crypto/conf/conf.c Fri Jul 26 13:17:49 2002 @@ -64,7 +64,7 @@ #include <openssl/conf.h> #include <openssl/buffer.h> #include <openssl/err.h> - +#include "cryptlib.h" #include "conf_lcl.h" static void value_free_hash(CONF_VALUE *a, LHASH *conf); @@ -123,12 +123,12 @@ { LHASH *ret=NULL; #define BUFSIZE 512 - char btmp[16]; int bufnum=0,i,ii; BUF_MEM *buff=NULL; char *s,*p,*end; int again,n; long eline=0; + char btmp[DECIMAL_SIZE(eline)+1]; CONF_VALUE *v=NULL,*vv,*tv; CONF_VALUE *sv=NULL; char *section=NULL,*buf; --- crypto/objects/obj_dat.c.orig Mon Sep 4 09:34:35 2000 +++ crypto/objects/obj_dat.c Fri Jul 26 10:43:56 2002 @@ -428,7 +428,7 @@ unsigned long l; unsigned char *p; const char *s; - char tbuf[32]; + char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; if (buf_len <= 0) return(0); --- ssl/s2_clnt.c.orig Sat Nov 10 03:43:51 2001 +++ ssl/s2_clnt.c Fri Jul 26 10:43:56 2002 @@ -116,6 +116,7 @@ #include <openssl/buffer.h> #include <openssl/objects.h> #include <openssl/evp.h> +#include "cryptlib.h" static SSL_METHOD *ssl2_get_client_method(int ver); static int get_server_finished(SSL *s); @@ -517,6 +518,7 @@ } s->s2->conn_id_length=s->s2->tmp.conn_id_length; + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length); return(1); } @@ -618,6 +620,7 @@ /* make key_arg data */ i=EVP_CIPHER_iv_length(c); sess->key_arg_length=i; + die(i <= SSL_MAX_KEY_ARG_LENGTH); if (i > 0) RAND_pseudo_bytes(sess->key_arg,i); /* make a master key */ @@ -625,6 +628,7 @@ sess->master_key_length=i; if (i > 0) { + die(i <= sizeof sess->master_key); if (RAND_bytes(sess->master_key,i) <= 0) { ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); @@ -668,6 +672,7 @@ d+=enc; karg=sess->key_arg_length; s2n(karg,p); /* key arg size */ + die(karg <= sizeof sess->key_arg); memcpy(d,sess->key_arg,(unsigned int)karg); d+=karg; @@ -688,6 +693,7 @@ { p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_CLIENT_FINISHED; + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length); s->state=SSL2_ST_SEND_CLIENT_FINISHED_B; @@ -944,6 +950,8 @@ { if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) { + die(s->session->session_id_length + <= sizeof s->session->session_id); if (memcmp(buf,s->session->session_id, (unsigned int)s->session->session_id_length) != 0) { --- ssl/s2_lib.c.orig Tue Dec 26 05:06:47 2000 +++ ssl/s2_lib.c Fri Jul 26 10:52:20 2002 @@ -62,6 +62,7 @@ #include <openssl/rsa.h> #include <openssl/objects.h> #include <openssl/md5.h> +#include "cryptlib.h" static long ssl2_default_timeout(void ); const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; @@ -425,10 +426,14 @@ #endif km=s->s2->key_material; + die(s->s2->key_material_length <= sizeof s->s2->key_material); for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH) { MD5_Init(&ctx); - + + die(s->session->master_key_length >= 0 + && s->session->master_key_length + < sizeof s->session->master_key); MD5_Update(&ctx,s->session->master_key,s->session->master_key_length); MD5_Update(&ctx,&c,1); c++; @@ -463,6 +468,7 @@ /* state=s->rwstate;*/ error=s->error; s->error=0; + die(error >= 0 && error <= 3); i=ssl2_write(s,&(buf[3-error]),error); /* if (i == error) s->rwstate=state; */ --- ssl/s2_srvr.c.orig Mon Jul 9 08:11:04 2001 +++ ssl/s2_srvr.c Fri Jul 26 12:11:39 2002 @@ -63,6 +63,7 @@ #include <openssl/rand.h> #include <openssl/objects.h> #include <openssl/evp.h> +#include "cryptlib.h" static SSL_METHOD *ssl2_get_server_method(int ver); static int get_client_master_key(SSL *s); @@ -361,12 +362,19 @@ n2s(p,i); s->s2->tmp.clear=i; n2s(p,i); s->s2->tmp.enc=i; n2s(p,i); s->session->key_arg_length=i; + if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH) + { + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, + SSL_R_KEY_ARG_TOO_LONG); + return -1; + } s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B; s->init_num=0; } /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ p=(unsigned char *)s->init_buf->data; + die(s->init_buf->length >= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER); keya=s->session->key_arg_length; n=s->s2->tmp.clear+s->s2->tmp.enc+keya - s->init_num; i=ssl2_read(s,(char *)&(p[s->init_num]),n); @@ -440,6 +448,7 @@ #endif if (is_export) i+=s->s2->tmp.clear; + die(i <= SSL_MAX_MASTER_KEY_LENGTH); s->session->master_key_length=i; memcpy(s->session->master_key,p,(unsigned int)i); return(1); @@ -580,6 +589,7 @@ p+=s->s2->tmp.session_id_length; /* challenge */ + die(s->s2->challenge_length <= sizeof s->s2->challenge); memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length); return(1); mem_err: @@ -730,6 +740,7 @@ } /* SSL2_ST_GET_CLIENT_FINISHED_B */ + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); i=ssl2_read(s,(char *)&(p[s->init_num]),s->s2->conn_id_length-s->init_num); if (i < (int)s->s2->conn_id_length-s->init_num) { @@ -752,6 +763,7 @@ { p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_SERVER_VERIFY; + die(s->s2->challenge_length <= sizeof s->s2->challenge); memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); /* p+=s->s2->challenge_length; */ @@ -771,6 +783,8 @@ p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_SERVER_FINISHED; + die(s->session->session_id_length + <= sizeof s->session->session_id); memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length); /* p+=s->session->session_id_length; */ --- ssl/s3_clnt.c.orig Thu Oct 25 02:18:54 2001 +++ ssl/s3_clnt.c Fri Jul 26 10:56:23 2002 @@ -64,6 +64,7 @@ #include <openssl/sha.h> #include <openssl/evp.h> #include "ssl_locl.h" +#include "cryptlib.h" static SSL_METHOD *ssl3_get_client_method(int ver); static int ssl3_client_hello(SSL *s); @@ -492,6 +493,7 @@ *(p++)=i; if (i != 0) { + die(i <= sizeof s->session->session_id); memcpy(p,s->session->session_id,i); p+=i; } @@ -572,6 +574,14 @@ /* get the session-id */ j= *(p++); + + if(j > sizeof s->session->session_id) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, + SSL_R_SSL3_SESSION_ID_TOO_LONG); + goto f_err; + } if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) { --- ssl/ssl.h.orig Mon Dec 17 12:24:39 2001 +++ ssl/ssl.h Fri Jul 26 11:36:19 2002 @@ -1423,6 +1423,7 @@ #define SSL_R_INVALID_COMMAND 280 #define SSL_R_INVALID_PURPOSE 278 #define SSL_R_INVALID_TRUST 279 +#define SSL_R_KEY_ARG_TOO_LONG 1112 #define SSL_R_LENGTH_MISMATCH 159 #define SSL_R_LENGTH_TOO_SHORT 160 #define SSL_R_LIBRARY_BUG 274 @@ -1491,6 +1492,7 @@ #define SSL_R_SHORT_READ 219 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 +#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113 #define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 --- ssl/ssl_asn1.c.orig Thu Jun 1 16:19:19 2000 +++ ssl/ssl_asn1.c Fri Jul 26 11:37:53 2002 @@ -62,6 +62,7 @@ #include <openssl/objects.h> #include <openssl/x509.h> #include "ssl_locl.h" +#include "cryptlib.h" typedef struct ssl_session_asn1_st { @@ -275,6 +276,7 @@ os.length=i; ret->session_id_length=os.length; + die(os.length <= sizeof ret->session_id); memcpy(ret->session_id,os.data,os.length); M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); --- ssl/ssl_err.c.orig Fri Nov 9 18:15:29 2001 +++ ssl/ssl_err.c Fri Jul 26 11:39:21 2002 @@ -1,6 +1,6 @@ /* ssl/ssl_err.c */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -275,6 +275,7 @@ {SSL_R_INVALID_COMMAND ,"invalid command"}, {SSL_R_INVALID_PURPOSE ,"invalid purpose"}, {SSL_R_INVALID_TRUST ,"invalid trust"}, +{SSL_R_KEY_ARG_TOO_LONG ,"key arg too long"}, {SSL_R_LENGTH_MISMATCH ,"length mismatch"}, {SSL_R_LENGTH_TOO_SHORT ,"length too short"}, {SSL_R_LIBRARY_BUG ,"library bug"}, @@ -343,6 +344,7 @@ {SSL_R_SHORT_READ ,"short read"}, {SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, {SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"}, +{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"}, {SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"}, {SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"}, {SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"}, --- ssl/ssl_sess.c.orig Wed Nov 29 11:12:32 2000 +++ ssl/ssl_sess.c Fri Jul 26 10:43:56 2002 @@ -60,6 +60,7 @@ #include <openssl/lhash.h> #include <openssl/rand.h> #include "ssl_locl.h" +#include "cryptlib.h" static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); @@ -199,6 +200,7 @@ ss->session_id_length=0; } + die(s->sid_ctx_length <= sizeof ss->sid_ctx); memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length); ss->sid_ctx_length=s->sid_ctx_length; s->session=ss; --- ssl/s3_srvr.c.orig Thu Oct 25 02:18:56 2001 +++ ssl/s3_srvr.c Fri Jul 26 11:27:08 2002 @@ -122,6 +122,7 @@ #include <openssl/evp.h> #include <openssl/x509.h> #include "ssl_locl.h" +#include "cryptlib.h" static SSL_METHOD *ssl3_get_server_method(int ver); static int ssl3_get_client_hello(SSL *s); @@ -942,6 +943,7 @@ s->session->session_id_length=0; sl=s->session->session_id_length; + die(sl <= sizeof s->session->session_id); *(p++)=sl; memcpy(p,s->session->session_id,sl); p+=sl; --- crypto/cryptlib.c.orig Fri Nov 23 13:57:59 2001 +++ crypto/cryptlib.c Fri Jul 26 10:43:56 2002 @@ -491,3 +491,11 @@ #endif #endif + +void OpenSSLDie(const char *file,int line,const char *assertion) + { + fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n", + file,line,assertion); + abort(); + } + --- crypto/cryptlib.h.orig Tue May 2 06:35:04 2000 +++ crypto/cryptlib.h Fri Jul 26 10:43:56 2002 @@ -89,6 +89,14 @@ #define X509_CERT_DIR_EVP "SSL_CERT_DIR" #define X509_CERT_FILE_EVP "SSL_CERT_FILE" +/* size of string represenations */ +#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) +#define HEX_SIZE(type) ((sizeof(type)*2) + +/* die if we have to */ +void OpenSSLDie(const char *file,int line,const char *assertion); +#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e)) + #ifdef __cplusplus } #endif --- crypto/asn1/asn1_lib.c.orig Fri Mar 30 06:42:32 2001 +++ crypto/asn1/asn1_lib.c Fri Jul 26 10:43:56 2002 @@ -407,7 +407,7 @@ void asn1_add_error(unsigned char *address, int offset) { - char buf1[16],buf2[16]; + char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; sprintf(buf1,"%lu",(unsigned long)address); sprintf(buf2,"%d",offset); --- crypto/conf/conf_def.c.orig Tue Jun 6 09:21:12 2000 +++ crypto/conf/conf_def.c Fri Jul 26 10:43:56 2002 @@ -67,6 +67,7 @@ #include "conf_def.h" #include <openssl/buffer.h> #include <openssl/err.h> +#include "cryptlib.h" static char *eat_ws(CONF *conf, char *p); static char *eat_alpha_numeric(CONF *conf, char *p); @@ -180,12 +181,12 @@ static int def_load(CONF *conf, BIO *in, long *line) { #define BUFSIZE 512 - char btmp[16]; int bufnum=0,i,ii; BUF_MEM *buff=NULL; char *s,*p,*end; int again,n; long eline=0; + char btmp[DECIMAL_SIZE(eline)+1]; CONF_VALUE *v=NULL,*tv; CONF_VALUE *sv=NULL; char *section=NULL,*buf; --- crypto/objects/obj_dat.c.orig Mon Sep 4 09:34:35 2000 +++ crypto/objects/obj_dat.c Fri Jul 26 10:43:56 2002 @@ -428,7 +428,7 @@ unsigned long l; unsigned char *p; const char *s; - char tbuf[32]; + char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; if (buf_len <= 0) return(0); --- ssl/s2_clnt.c.orig Sat Nov 10 03:43:51 2001 +++ ssl/s2_clnt.c Fri Jul 26 10:43:56 2002 @@ -116,6 +116,7 @@ #include <openssl/buffer.h> #include <openssl/objects.h> #include <openssl/evp.h> +#include "cryptlib.h" static SSL_METHOD *ssl2_get_client_method(int ver); static int get_server_finished(SSL *s); @@ -517,6 +518,7 @@ } s->s2->conn_id_length=s->s2->tmp.conn_id_length; + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length); return(1); } @@ -618,6 +620,7 @@ /* make key_arg data */ i=EVP_CIPHER_iv_length(c); sess->key_arg_length=i; + die(i <= SSL_MAX_KEY_ARG_LENGTH); if (i > 0) RAND_pseudo_bytes(sess->key_arg,i); /* make a master key */ @@ -625,6 +628,7 @@ sess->master_key_length=i; if (i > 0) { + die(i <= sizeof sess->master_key); if (RAND_bytes(sess->master_key,i) <= 0) { ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); @@ -668,6 +672,7 @@ d+=enc; karg=sess->key_arg_length; s2n(karg,p); /* key arg size */ + die(karg <= sizeof sess->key_arg); memcpy(d,sess->key_arg,(unsigned int)karg); d+=karg; @@ -688,6 +693,7 @@ { p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_CLIENT_FINISHED; + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length); s->state=SSL2_ST_SEND_CLIENT_FINISHED_B; @@ -944,6 +950,8 @@ { if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) { + die(s->session->session_id_length + <= sizeof s->session->session_id); if (memcmp(buf,s->session->session_id, (unsigned int)s->session->session_id_length) != 0) { --- ssl/s2_lib.c.orig Tue Dec 26 05:06:47 2000 +++ ssl/s2_lib.c Fri Jul 26 10:52:20 2002 @@ -62,6 +62,7 @@ #include <openssl/rsa.h> #include <openssl/objects.h> #include <openssl/md5.h> +#include "cryptlib.h" static long ssl2_default_timeout(void ); const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; @@ -425,10 +426,14 @@ #endif km=s->s2->key_material; + die(s->s2->key_material_length <= sizeof s->s2->key_material); for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH) { MD5_Init(&ctx); - + + die(s->session->master_key_length >= 0 + && s->session->master_key_length + < sizeof s->session->master_key); MD5_Update(&ctx,s->session->master_key,s->session->master_key_length); MD5_Update(&ctx,&c,1); c++; @@ -463,6 +468,7 @@ /* state=s->rwstate;*/ error=s->error; s->error=0; + die(error >= 0 && error <= 3); i=ssl2_write(s,&(buf[3-error]),error); /* if (i == error) s->rwstate=state; */ --- ssl/s2_srvr.c.orig Mon Jul 9 08:11:04 2001 +++ ssl/s2_srvr.c Fri Jul 26 12:11:39 2002 @@ -63,6 +63,7 @@ #include <openssl/rand.h> #include <openssl/objects.h> #include <openssl/evp.h> +#include "cryptlib.h" static SSL_METHOD *ssl2_get_server_method(int ver); static int get_client_master_key(SSL *s); @@ -361,12 +362,19 @@ n2s(p,i); s->s2->tmp.clear=i; n2s(p,i); s->s2->tmp.enc=i; n2s(p,i); s->session->key_arg_length=i; + if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH) + { + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, + SSL_R_KEY_ARG_TOO_LONG); + return -1; + } s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B; s->init_num=0; } /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ p=(unsigned char *)s->init_buf->data; + die(s->init_buf->length >= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER); keya=s->session->key_arg_length; n=s->s2->tmp.clear+s->s2->tmp.enc+keya - s->init_num; i=ssl2_read(s,(char *)&(p[s->init_num]),n); @@ -440,6 +448,7 @@ #endif if (is_export) i+=s->s2->tmp.clear; + die(i <= SSL_MAX_MASTER_KEY_LENGTH); s->session->master_key_length=i; memcpy(s->session->master_key,p,(unsigned int)i); return(1); @@ -580,6 +589,7 @@ p+=s->s2->tmp.session_id_length; /* challenge */ + die(s->s2->challenge_length <= sizeof s->s2->challenge); memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length); return(1); mem_err: @@ -730,6 +740,7 @@ } /* SSL2_ST_GET_CLIENT_FINISHED_B */ + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); i=ssl2_read(s,(char *)&(p[s->init_num]),s->s2->conn_id_length-s->init_num); if (i < (int)s->s2->conn_id_length-s->init_num) { @@ -752,6 +763,7 @@ { p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_SERVER_VERIFY; + die(s->s2->challenge_length <= sizeof s->s2->challenge); memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); /* p+=s->s2->challenge_length; */ @@ -771,6 +783,8 @@ p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_SERVER_FINISHED; + die(s->session->session_id_length + <= sizeof s->session->session_id); memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length); /* p+=s->session->session_id_length; */ --- ssl/s3_clnt.c.orig Thu Oct 25 02:18:54 2001 +++ ssl/s3_clnt.c Fri Jul 26 10:56:23 2002 @@ -64,6 +64,7 @@ #include <openssl/sha.h> #include <openssl/evp.h> #include "ssl_locl.h" +#include "cryptlib.h" static SSL_METHOD *ssl3_get_client_method(int ver); static int ssl3_client_hello(SSL *s); @@ -492,6 +493,7 @@ *(p++)=i; if (i != 0) { + die(i <= sizeof s->session->session_id); memcpy(p,s->session->session_id,i); p+=i; } @@ -572,6 +574,14 @@ /* get the session-id */ j= *(p++); + + if(j > sizeof s->session->session_id) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, + SSL_R_SSL3_SESSION_ID_TOO_LONG); + goto f_err; + } if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) { --- ssl/ssl.h.orig Mon Dec 17 12:24:39 2001 +++ ssl/ssl.h Fri Jul 26 11:36:19 2002 @@ -1423,6 +1423,7 @@ #define SSL_R_INVALID_COMMAND 280 #define SSL_R_INVALID_PURPOSE 278 #define SSL_R_INVALID_TRUST 279 +#define SSL_R_KEY_ARG_TOO_LONG 1112 #define SSL_R_LENGTH_MISMATCH 159 #define SSL_R_LENGTH_TOO_SHORT 160 #define SSL_R_LIBRARY_BUG 274 @@ -1491,6 +1492,7 @@ #define SSL_R_SHORT_READ 219 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 +#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113 #define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 --- ssl/ssl_asn1.c.orig Thu Jun 1 16:19:19 2000 +++ ssl/ssl_asn1.c Fri Jul 26 11:37:53 2002 @@ -62,6 +62,7 @@ #include <openssl/objects.h> #include <openssl/x509.h> #include "ssl_locl.h" +#include "cryptlib.h" typedef struct ssl_session_asn1_st { @@ -275,6 +276,7 @@ os.length=i; ret->session_id_length=os.length; + die(os.length <= sizeof ret->session_id); memcpy(ret->session_id,os.data,os.length); M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); --- ssl/ssl_err.c.orig Fri Nov 9 18:15:29 2001 +++ ssl/ssl_err.c Fri Jul 26 11:39:21 2002 @@ -1,6 +1,6 @@ /* ssl/ssl_err.c */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -275,6 +275,7 @@ {SSL_R_INVALID_COMMAND ,"invalid command"}, {SSL_R_INVALID_PURPOSE ,"invalid purpose"}, {SSL_R_INVALID_TRUST ,"invalid trust"}, +{SSL_R_KEY_ARG_TOO_LONG ,"key arg too long"}, {SSL_R_LENGTH_MISMATCH ,"length mismatch"}, {SSL_R_LENGTH_TOO_SHORT ,"length too short"}, {SSL_R_LIBRARY_BUG ,"library bug"}, @@ -343,6 +344,7 @@ {SSL_R_SHORT_READ ,"short read"}, {SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, {SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"}, +{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"}, {SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"}, {SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"}, {SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"}, --- ssl/ssl_sess.c.orig Wed Nov 29 11:12:32 2000 +++ ssl/ssl_sess.c Fri Jul 26 10:43:56 2002 @@ -60,6 +60,7 @@ #include <openssl/lhash.h> #include <openssl/rand.h> #include "ssl_locl.h" +#include "cryptlib.h" static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); @@ -199,6 +200,7 @@ ss->session_id_length=0; } + die(s->sid_ctx_length <= sizeof ss->sid_ctx); memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length); ss->sid_ctx_length=s->sid_ctx_length; s->session=ss; --- ssl/s3_srvr.c.orig Thu Oct 25 02:18:56 2001 +++ ssl/s3_srvr.c Fri Jul 26 11:27:08 2002 @@ -122,6 +122,7 @@ #include <openssl/evp.h> #include <openssl/x509.h> #include "ssl_locl.h" +#include "cryptlib.h" static SSL_METHOD *ssl3_get_server_method(int ver); static int ssl3_get_client_hello(SSL *s); @@ -942,6 +943,7 @@ s->session->session_id_length=0; sl=s->session->session_id_length; + die(sl <= sizeof s->session->session_id); *(p++)=sl; memcpy(p,s->session->session_id,sl); p+=sl; --- crypto/cryptlib.c.orig Fri Nov 23 13:57:59 2001 +++ crypto/cryptlib.c Fri Jul 26 10:43:56 2002 @@ -491,3 +491,11 @@ #endif #endif + +void OpenSSLDie(const char *file,int line,const char *assertion) + { + fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n", + file,line,assertion); + abort(); + } + --- crypto/cryptlib.h.orig Tue May 2 06:35:04 2000 +++ crypto/cryptlib.h Fri Jul 26 10:43:56 2002 @@ -89,6 +89,14 @@ #define X509_CERT_DIR_EVP "SSL_CERT_DIR" #define X509_CERT_FILE_EVP "SSL_CERT_FILE" +/* size of string represenations */ +#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) +#define HEX_SIZE(type) ((sizeof(type)*2) + +/* die if we have to */ +void OpenSSLDie(const char *file,int line,const char *assertion); +#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e)) + #ifdef __cplusplus } #endif --- crypto/asn1/asn1_lib.c.orig Fri Mar 30 06:42:32 2001 +++ crypto/asn1/asn1_lib.c Fri Jul 26 10:43:56 2002 @@ -407,7 +407,7 @@ void asn1_add_error(unsigned char *address, int offset) { - char buf1[16],buf2[16]; + char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; sprintf(buf1,"%lu",(unsigned long)address); sprintf(buf2,"%d",offset); --- crypto/conf/conf_def.c.orig Tue Jun 6 09:21:12 2000 +++ crypto/conf/conf_def.c Fri Jul 26 10:43:56 2002 @@ -67,6 +67,7 @@ #include "conf_def.h" #include <openssl/buffer.h> #include <openssl/err.h> +#include "cryptlib.h" static char *eat_ws(CONF *conf, char *p); static char *eat_alpha_numeric(CONF *conf, char *p); @@ -180,12 +181,12 @@ static int def_load(CONF *conf, BIO *in, long *line) { #define BUFSIZE 512 - char btmp[16]; int bufnum=0,i,ii; BUF_MEM *buff=NULL; char *s,*p,*end; int again,n; long eline=0; + char btmp[DECIMAL_SIZE(eline)+1]; CONF_VALUE *v=NULL,*tv; CONF_VALUE *sv=NULL; char *section=NULL,*buf; --- crypto/objects/obj_dat.c.orig Mon Sep 4 09:34:35 2000 +++ crypto/objects/obj_dat.c Fri Jul 26 10:43:56 2002 @@ -428,7 +428,7 @@ unsigned long l; unsigned char *p; const char *s; - char tbuf[32]; + char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; if (buf_len <= 0) return(0); --- ssl/s2_clnt.c.orig Sat Nov 10 03:43:51 2001 +++ ssl/s2_clnt.c Fri Jul 26 10:43:56 2002 @@ -116,6 +116,7 @@ #include <openssl/buffer.h> #include <openssl/objects.h> #include <openssl/evp.h> +#include "cryptlib.h" static SSL_METHOD *ssl2_get_client_method(int ver); static int get_server_finished(SSL *s); @@ -517,6 +518,7 @@ } s->s2->conn_id_length=s->s2->tmp.conn_id_length; + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length); return(1); } @@ -618,6 +620,7 @@ /* make key_arg data */ i=EVP_CIPHER_iv_length(c); sess->key_arg_length=i; + die(i <= SSL_MAX_KEY_ARG_LENGTH); if (i > 0) RAND_pseudo_bytes(sess->key_arg,i); /* make a master key */ @@ -625,6 +628,7 @@ sess->master_key_length=i; if (i > 0) { + die(i <= sizeof sess->master_key); if (RAND_bytes(sess->master_key,i) <= 0) { ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); @@ -668,6 +672,7 @@ d+=enc; karg=sess->key_arg_length; s2n(karg,p); /* key arg size */ + die(karg <= sizeof sess->key_arg); memcpy(d,sess->key_arg,(unsigned int)karg); d+=karg; @@ -688,6 +693,7 @@ { p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_CLIENT_FINISHED; + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length); s->state=SSL2_ST_SEND_CLIENT_FINISHED_B; @@ -944,6 +950,8 @@ { if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) { + die(s->session->session_id_length + <= sizeof s->session->session_id); if (memcmp(buf,s->session->session_id, (unsigned int)s->session->session_id_length) != 0) { --- ssl/s2_lib.c.orig Tue Dec 26 05:06:47 2000 +++ ssl/s2_lib.c Fri Jul 26 10:52:20 2002 @@ -62,6 +62,7 @@ #include <openssl/rsa.h> #include <openssl/objects.h> #include <openssl/md5.h> +#include "cryptlib.h" static long ssl2_default_timeout(void ); const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; @@ -425,10 +426,14 @@ #endif km=s->s2->key_material; + die(s->s2->key_material_length <= sizeof s->s2->key_material); for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH) { MD5_Init(&ctx); - + + die(s->session->master_key_length >= 0 + && s->session->master_key_length + < sizeof s->session->master_key); MD5_Update(&ctx,s->session->master_key,s->session->master_key_length); MD5_Update(&ctx,&c,1); c++; @@ -463,6 +468,7 @@ /* state=s->rwstate;*/ error=s->error; s->error=0; + die(error >= 0 && error <= 3); i=ssl2_write(s,&(buf[3-error]),error); /* if (i == error) s->rwstate=state; */ --- ssl/s2_srvr.c.orig Wed Nov 14 14:19:47 2001 +++ ssl/s2_srvr.c Fri Jul 26 10:43:56 2002 @@ -116,6 +116,7 @@ #include <openssl/rand.h> #include <openssl/objects.h> #include <openssl/evp.h> +#include "cryptlib.h" static SSL_METHOD *ssl2_get_server_method(int ver); static int get_client_master_key(SSL *s); @@ -417,11 +418,18 @@ n2s(p,i); s->s2->tmp.clear=i; n2s(p,i); s->s2->tmp.enc=i; n2s(p,i); s->session->key_arg_length=i; + if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH) + { + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, + SSL_R_KEY_ARG_TOO_LONG); + return -1; + } s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B; } /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ p=(unsigned char *)s->init_buf->data; + die(s->init_buf->length >= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER); keya=s->session->key_arg_length; len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya; if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) @@ -502,6 +510,7 @@ #endif if (is_export) i+=s->s2->tmp.clear; + die(i <= SSL_MAX_MASTER_KEY_LENGTH); s->session->master_key_length=i; memcpy(s->session->master_key,p,(unsigned int)i); return(1); @@ -649,6 +658,7 @@ p+=s->s2->tmp.session_id_length; /* challenge */ + die(s->s2->challenge_length <= sizeof s->s2->challenge); memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length); return(1); mem_err: @@ -800,6 +810,7 @@ } /* SSL2_ST_GET_CLIENT_FINISHED_B */ + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); len = 1 + (unsigned long)s->s2->conn_id_length; n = (int)len - s->init_num; i = ssl2_read(s,(char *)&(p[s->init_num]),n); @@ -825,6 +836,7 @@ { p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_SERVER_VERIFY; + die(s->s2->challenge_length <= sizeof s->s2->challenge); memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); /* p+=s->s2->challenge_length; */ @@ -844,6 +856,8 @@ p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_SERVER_FINISHED; + die(s->session->session_id_length + <= sizeof s->session->session_id); memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length); /* p+=s->session->session_id_length; */ --- ssl/s3_clnt.c.orig Thu Oct 25 02:18:54 2001 +++ ssl/s3_clnt.c Fri Jul 26 10:56:23 2002 @@ -64,6 +64,7 @@ #include <openssl/sha.h> #include <openssl/evp.h> #include "ssl_locl.h" +#include "cryptlib.h" static SSL_METHOD *ssl3_get_client_method(int ver); static int ssl3_client_hello(SSL *s); @@ -492,6 +493,7 @@ *(p++)=i; if (i != 0) { + die(i <= sizeof s->session->session_id); memcpy(p,s->session->session_id,i); p+=i; } @@ -572,6 +574,14 @@ /* get the session-id */ j= *(p++); + + if(j > sizeof s->session->session_id) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, + SSL_R_SSL3_SESSION_ID_TOO_LONG); + goto f_err; + } if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) { --- ssl/ssl.h.orig Mon Dec 17 12:24:39 2001 +++ ssl/ssl.h Fri Jul 26 11:36:19 2002 @@ -1423,6 +1423,7 @@ #define SSL_R_INVALID_COMMAND 280 #define SSL_R_INVALID_PURPOSE 278 #define SSL_R_INVALID_TRUST 279 +#define SSL_R_KEY_ARG_TOO_LONG 1112 #define SSL_R_LENGTH_MISMATCH 159 #define SSL_R_LENGTH_TOO_SHORT 160 #define SSL_R_LIBRARY_BUG 274 @@ -1491,6 +1492,7 @@ #define SSL_R_SHORT_READ 219 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 +#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113 #define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 --- ssl/ssl_asn1.c.orig Thu Jun 1 16:19:19 2000 +++ ssl/ssl_asn1.c Fri Jul 26 11:37:53 2002 @@ -62,6 +62,7 @@ #include <openssl/objects.h> #include <openssl/x509.h> #include "ssl_locl.h" +#include "cryptlib.h" typedef struct ssl_session_asn1_st { @@ -275,6 +276,7 @@ os.length=i; ret->session_id_length=os.length; + die(os.length <= sizeof ret->session_id); memcpy(ret->session_id,os.data,os.length); M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); --- ssl/ssl_err.c.orig Fri Nov 9 18:15:29 2001 +++ ssl/ssl_err.c Fri Jul 26 11:39:21 2002 @@ -1,6 +1,6 @@ /* ssl/ssl_err.c */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -275,6 +275,7 @@ {SSL_R_INVALID_COMMAND ,"invalid command"}, {SSL_R_INVALID_PURPOSE ,"invalid purpose"}, {SSL_R_INVALID_TRUST ,"invalid trust"}, +{SSL_R_KEY_ARG_TOO_LONG ,"key arg too long"}, {SSL_R_LENGTH_MISMATCH ,"length mismatch"}, {SSL_R_LENGTH_TOO_SHORT ,"length too short"}, {SSL_R_LIBRARY_BUG ,"library bug"}, @@ -343,6 +344,7 @@ {SSL_R_SHORT_READ ,"short read"}, {SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, {SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"}, +{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"}, {SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"}, {SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"}, {SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"}, --- ssl/ssl_sess.c.orig Wed Nov 29 11:12:32 2000 +++ ssl/ssl_sess.c Fri Jul 26 10:43:56 2002 @@ -60,6 +60,7 @@ #include <openssl/lhash.h> #include <openssl/rand.h> #include "ssl_locl.h" +#include "cryptlib.h" static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); @@ -199,6 +200,7 @@ ss->session_id_length=0; } + die(s->sid_ctx_length <= sizeof ss->sid_ctx); memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length); ss->sid_ctx_length=s->sid_ctx_length; s->session=ss; --- ssl/s3_srvr.c.orig Thu Oct 25 02:18:56 2001 +++ ssl/s3_srvr.c Fri Jul 26 11:27:08 2002 @@ -122,6 +122,7 @@ #include <openssl/evp.h> #include <openssl/x509.h> #include "ssl_locl.h" +#include "cryptlib.h" static SSL_METHOD *ssl3_get_server_method(int ver); static int ssl3_get_client_hello(SSL *s); @@ -942,6 +943,7 @@ s->session->session_id_length=0; sl=s->session->session_id_length; + die(sl <= sizeof s->session->session_id); *(p++)=sl; memcpy(p,s->session->session_id,sl); p+=sl; Index: CHANGES =================================================================== RCS file: /e/openssl/cvs/openssl/CHANGES,v retrieving revision 1.977.2.42 diff -u -r1.977.2.42 CHANGES --- CHANGES 2002/07/16 09:18:25 1.977.2.42 +++ CHANGES 2002/07/30 09:54:48 @@ -4,6 +4,38 @@ Changes between 0.9.6e and 0.9.7 [XX xxx 2002] +Changes marked "(CHATS)" were sponsored by the Defense Advanced +Research Projects Agency (DARPA) and Air Force Research Laboratory, +Air Force Materiel Command, USAF, under agreement number +F30602-01-2-0537. + + *) Add various sanity checks to asn1_get_length() to reject + the ASN1 length bytes if they exceed sizeof(long), will appear + negative or the content length exceeds the length of the + supplied buffer. (CAN-2002-0659) + [Steve Henson, Adi Stav <stavat_private>, James Yonan <jimat_private>] + + *) Assertions for various potential buffer overflows, not known to + happen in practice. + [Ben Laurie (CHATS)] + + *) Various temporary buffers to hold ASCII versions of integers were + too small for 64 bit platforms. (CAN-2002-0655) + [Matthew Byng-Maddick <mbmat_private> and Ben Laurie (CHATS)> + + *) Remote buffer overflow in SSL3 protocol - an attacker could + supply an oversized master key in Kerberos-enabled versions. + (CAN-2002-0657) + [Ben Laurie (CHATS)] + + *) Remote buffer overflow in SSL3 protocol - an attacker could + supply an oversized session ID to a client. (CAN-2002-0656) + [Ben Laurie (CHATS)] + + *) Remote buffer overflow in SSL2 protocol - an attacker could + supply an oversized client master key. (CAN-2002-0656) + [Ben Laurie (CHATS)] + *) Add appropriate support for separate platform-dependent build directories. The recommended way to make a platform-dependent build directory is the following (tested on Linux), maybe with @@ -1654,6 +1686,12 @@ [Richard Levitte] Changes between 0.9.6d and 0.9.6e [XX xxx XXXX] + + *) Add various sanity checks to asn1_get_length() to reject + the ASN1 length bytes if they exceed sizeof(long), will appear + negative or the content length exceeds the length of the + supplied buffer. + [Steve Henson, Adi Stav <stavat_private>, James Yonan <jimat_private>] *) Fix cipher selection routines: ciphers without encryption had no flags for the cipher strength set and where therefore not handled correctly Index: crypto/cryptlib.c =================================================================== RCS file: /e/openssl/cvs/openssl/crypto/cryptlib.c,v retrieving revision 1.32 diff -u -r1.32 cryptlib.c --- crypto/cryptlib.c 2001/11/24 04:02:42 1.32 +++ crypto/cryptlib.c 2002/07/30 09:54:50 @@ -492,3 +492,11 @@ #endif #endif + +void OpenSSLDie(const char *file,int line,const char *assertion) + { + fprintf(stderr,"%s(%d): OpenSSL internal error, assertion failed: %s\n", + file,line,assertion); + abort(); + } + Index: crypto/cryptlib.h =================================================================== RCS file: /e/openssl/cvs/openssl/crypto/cryptlib.h,v retrieving revision 1.10 diff -u -r1.10 cryptlib.h --- crypto/cryptlib.h 2001/02/22 14:44:54 1.10 +++ crypto/cryptlib.h 2002/07/30 09:54:50 @@ -89,6 +89,14 @@ #define X509_CERT_DIR_EVP "SSL_CERT_DIR" #define X509_CERT_FILE_EVP "SSL_CERT_FILE" +/* size of string represenations */ +#define DECIMAL_SIZE(type) ((sizeof(type)*8+2)/3+1) +#define HEX_SIZE(type) ((sizeof(type)*2) + +/* die if we have to */ +void OpenSSLDie(const char *file,int line,const char *assertion); +#define die(e) ((e) ? (void)0 : OpenSSLDie(__FILE__, __LINE__, #e)) + #ifdef __cplusplus } #endif Index: crypto/asn1/asn1_lib.c =================================================================== RCS file: /e/openssl/cvs/openssl/crypto/asn1/asn1_lib.c,v retrieving revision 1.20.2.1 diff -u -r1.20.2.1 asn1_lib.c --- crypto/asn1/asn1_lib.c 2002/06/13 17:38:46 1.20.2.1 +++ crypto/asn1/asn1_lib.c 2002/07/30 09:54:51 @@ -124,15 +124,13 @@ (int)(omax+ *pp)); #endif -#if 0 - if ((p+ *plength) > (omax+ *pp)) + if (*plength > (omax - (*pp - p))) { ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); /* Set this so that even if things are not long enough * the values are set correctly */ ret|=0x80; } -#endif *pp=p; return(ret|inf); err: @@ -159,6 +157,8 @@ i= *p&0x7f; if (*(p++) & 0x80) { + if (i > sizeof(long)) + return 0; if (max-- == 0) return(0); while (i-- > 0) { @@ -170,6 +170,8 @@ else ret=i; } + if (ret < 0) + return 0; *pp=p; *rl=ret; return(1); @@ -407,7 +409,7 @@ void asn1_add_error(unsigned char *address, int offset) { - char buf1[16],buf2[16]; + char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; sprintf(buf1,"%lu",(unsigned long)address); sprintf(buf2,"%d",offset); Index: crypto/conf/conf_def.c =================================================================== RCS file: /e/openssl/cvs/openssl/crypto/conf/conf_def.c,v retrieving revision 1.12 diff -u -r1.12 conf_def.c --- crypto/conf/conf_def.c 2002/01/24 16:15:17 1.12 +++ crypto/conf/conf_def.c 2002/07/30 09:54:51 @@ -67,6 +67,7 @@ #include "conf_def.h" #include <openssl/buffer.h> #include <openssl/err.h> +#include "cryptlib.h" static char *eat_ws(CONF *conf, char *p); static char *eat_alpha_numeric(CONF *conf, char *p); @@ -208,12 +209,12 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) { #define BUFSIZE 512 - char btmp[16]; int bufnum=0,i,ii; BUF_MEM *buff=NULL; char *s,*p,*end; int again,n; long eline=0; + char btmp[DECIMAL_SIZE(eline)+1]; CONF_VALUE *v=NULL,*tv; CONF_VALUE *sv=NULL; char *section=NULL,*buf; Index: crypto/conf/conf_mod.c =================================================================== RCS file: /e/openssl/cvs/openssl/crypto/conf/conf_mod.c,v retrieving revision 1.8.2.6 diff -u -r1.8.2.6 conf_mod.c --- crypto/conf/conf_mod.c 2002/05/08 15:13:24 1.8.2.6 +++ crypto/conf/conf_mod.c 2002/07/30 09:54:52 @@ -230,7 +230,7 @@ { if (!(flags & CONF_MFLAGS_SILENT)) { - char rcode[10]; + char rcode[DECIMAL_SIZE(ret)+1]; CONFerr(CONF_F_CONF_MODULES_LOAD, CONF_R_MODULE_INITIALIZATION_ERROR); sprintf(rcode, "%-8d", ret); ERR_add_error_data(6, "module=", name, ", value=", value, ", retcode=", rcode); Index: crypto/engine/hw_cswift.c =================================================================== RCS file: /e/openssl/cvs/openssl/crypto/engine/hw_cswift.c,v retrieving revision 1.17.2.1 diff -u -r1.17.2.1 hw_cswift.c --- crypto/engine/hw_cswift.c 2002/06/21 02:48:52 1.17.2.1 +++ crypto/engine/hw_cswift.c 2002/07/30 09:54:53 @@ -501,7 +501,7 @@ goto err; default: { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -518,7 +518,7 @@ if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1, &res, 1)) != SW_OK) { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -608,7 +608,7 @@ goto err; default: { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -625,7 +625,7 @@ if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1, &res, 1)) != SW_OK) { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -740,7 +740,7 @@ goto err; default: { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -758,7 +758,7 @@ &res, 1); if(sw_status != SW_OK) { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -852,7 +852,7 @@ goto err; default: { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); @@ -874,7 +874,7 @@ &res, 1); if(sw_status != SW_OK) { - char tmpbuf[20]; + char tmpbuf[DECIMAL_SIZE(sw_status)+1]; CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED); sprintf(tmpbuf, "%ld", sw_status); ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf); Index: crypto/objects/obj_dat.c =================================================================== RCS file: /e/openssl/cvs/openssl/crypto/objects/obj_dat.c,v retrieving revision 1.23.2.3 diff -u -r1.23.2.3 obj_dat.c --- crypto/objects/obj_dat.c 2002/05/30 16:49:44 1.23.2.3 +++ crypto/objects/obj_dat.c 2002/07/30 09:54:53 @@ -436,7 +436,7 @@ unsigned long l; unsigned char *p; const char *s; - char tbuf[32]; + char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2]; if (buf_len <= 0) return(0); Index: ssl/s2_clnt.c =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/s2_clnt.c,v retrieving revision 1.37 diff -u -r1.37 s2_clnt.c --- ssl/s2_clnt.c 2002/01/12 15:56:10 1.37 +++ ssl/s2_clnt.c 2002/07/30 09:55:01 @@ -116,6 +116,7 @@ #include <openssl/buffer.h> #include <openssl/objects.h> #include <openssl/evp.h> +#include "cryptlib.h" static SSL_METHOD *ssl2_get_client_method(int ver); static int get_server_finished(SSL *s); @@ -535,6 +536,7 @@ } s->s2->conn_id_length=s->s2->tmp.conn_id_length; + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length); return(1); } @@ -636,6 +638,7 @@ /* make key_arg data */ i=EVP_CIPHER_iv_length(c); sess->key_arg_length=i; + die(i <= SSL_MAX_KEY_ARG_LENGTH); if (i > 0) RAND_pseudo_bytes(sess->key_arg,i); /* make a master key */ @@ -643,6 +646,7 @@ sess->master_key_length=i; if (i > 0) { + die(i <= sizeof sess->master_key); if (RAND_bytes(sess->master_key,i) <= 0) { ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); @@ -686,6 +690,7 @@ d+=enc; karg=sess->key_arg_length; s2n(karg,p); /* key arg size */ + die(karg <= sizeof sess->key_arg); memcpy(d,sess->key_arg,(unsigned int)karg); d+=karg; @@ -706,6 +711,7 @@ { p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_CLIENT_FINISHED; + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length); s->state=SSL2_ST_SEND_CLIENT_FINISHED_B; @@ -978,6 +984,8 @@ { if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) { + die(s->session->session_id_length + <= sizeof s->session->session_id); if (memcmp(buf,s->session->session_id, (unsigned int)s->session->session_id_length) != 0) { Index: ssl/s2_lib.c =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/s2_lib.c,v retrieving revision 1.39.2.1 diff -u -r1.39.2.1 s2_lib.c --- ssl/s2_lib.c 2002/07/10 06:40:18 1.39.2.1 +++ ssl/s2_lib.c 2002/07/30 09:55:01 @@ -63,6 +63,7 @@ #include <openssl/objects.h> #include <openssl/evp.h> #include <openssl/md5.h> +#include "cryptlib.h" static long ssl2_default_timeout(void ); const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT; @@ -428,10 +429,14 @@ #endif EVP_MD_CTX_init(&ctx); km=s->s2->key_material; + die(s->s2->key_material_length <= sizeof s->s2->key_material); for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH) { EVP_DigestInit_ex(&ctx,EVP_md5(), NULL); + die(s->session->master_key_length >= 0 + && s->session->master_key_length + < sizeof s->session->master_key); EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length); EVP_DigestUpdate(&ctx,&c,1); c++; @@ -467,6 +472,7 @@ /* state=s->rwstate;*/ error=s->error; s->error=0; + die(error >= 0 && error <= 3); i=ssl2_write(s,&(buf[3-error]),error); /* if (i == error) s->rwstate=state; */ Index: ssl/s2_srvr.c =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/s2_srvr.c,v retrieving revision 1.36 diff -u -r1.36 s2_srvr.c --- ssl/s2_srvr.c 2002/01/12 15:56:11 1.36 +++ ssl/s2_srvr.c 2002/07/30 09:55:02 @@ -116,6 +116,7 @@ #include <openssl/rand.h> #include <openssl/objects.h> #include <openssl/evp.h> +#include "cryptlib.h" static SSL_METHOD *ssl2_get_server_method(int ver); static int get_client_master_key(SSL *s); @@ -417,11 +418,18 @@ n2s(p,i); s->s2->tmp.clear=i; n2s(p,i); s->s2->tmp.enc=i; n2s(p,i); s->session->key_arg_length=i; + if(s->session->key_arg_length > SSL_MAX_KEY_ARG_LENGTH) + { + SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, + SSL_R_KEY_ARG_TOO_LONG); + return -1; + } s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B; } /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */ p=(unsigned char *)s->init_buf->data; + die(s->init_buf->length >= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER); keya=s->session->key_arg_length; len = 10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc + (unsigned long)keya; if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) @@ -504,6 +512,7 @@ #endif if (is_export) i+=s->s2->tmp.clear; + die(i <= SSL_MAX_MASTER_KEY_LENGTH); s->session->master_key_length=i; memcpy(s->session->master_key,p,(unsigned int)i); return(1); @@ -670,6 +679,7 @@ p+=s->s2->tmp.session_id_length; /* challenge */ + die(s->s2->challenge_length <= sizeof s->s2->challenge); memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length); return(1); mem_err: @@ -826,6 +836,7 @@ } /* SSL2_ST_GET_CLIENT_FINISHED_B */ + die(s->s2->conn_id_length <= sizeof s->s2->conn_id); len = 1 + (unsigned long)s->s2->conn_id_length; n = (int)len - s->init_num; i = ssl2_read(s,(char *)&(p[s->init_num]),n); @@ -853,6 +864,7 @@ { p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_SERVER_VERIFY; + die(s->s2->challenge_length <= sizeof s->s2->challenge); memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length); /* p+=s->s2->challenge_length; */ @@ -872,6 +884,8 @@ p=(unsigned char *)s->init_buf->data; *(p++)=SSL2_MT_SERVER_FINISHED; + die(s->session->session_id_length + <= sizeof s->session->session_id); memcpy(p,s->session->session_id, (unsigned int)s->session->session_id_length); /* p+=s->session->session_id_length; */ Index: ssl/s3_clnt.c =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/s3_clnt.c,v retrieving revision 1.53.2.2 diff -u -r1.53.2.2 s3_clnt.c --- ssl/s3_clnt.c 2002/07/10 06:57:48 1.53.2.2 +++ ssl/s3_clnt.c 2002/07/30 09:55:03 @@ -117,6 +117,7 @@ #include <openssl/objects.h> #include <openssl/evp.h> #include <openssl/md5.h> +#include "cryptlib.h" static SSL_METHOD *ssl3_get_client_method(int ver); static int ssl3_client_hello(SSL *s); @@ -545,6 +546,7 @@ *(p++)=i; if (i != 0) { + die(i <= sizeof s->session->session_id); memcpy(p,s->session->session_id,i); p+=i; } @@ -626,6 +628,14 @@ /* get the session-id */ j= *(p++); + if(j > sizeof s->session->session_id) + { + al=SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, + SSL_R_SSL3_SESSION_ID_TOO_LONG); + goto f_err; + } + if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) { /* SSLref returns 16 :-( */ @@ -1588,6 +1598,7 @@ SSL_MAX_MASTER_KEY_LENGTH); EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl); outl += padl; + die(outl <= sizeof epms); EVP_CIPHER_CTX_cleanup(&ciph_ctx); /* KerberosWrapper.EncryptedPreMasterSecret */ Index: ssl/s3_srvr.c =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/s3_srvr.c,v retrieving revision 1.85.2.5 diff -u -r1.85.2.5 s3_srvr.c --- ssl/s3_srvr.c 2002/07/10 06:57:50 1.85.2.5 +++ ssl/s3_srvr.c 2002/07/30 09:55:04 @@ -123,6 +123,7 @@ #include <openssl/x509.h> #include <openssl/krb5_asn.h> #include <openssl/md5.h> +#include "cryptlib.h" static SSL_METHOD *ssl3_get_server_method(int ver); static int ssl3_get_client_hello(SSL *s); @@ -964,6 +965,7 @@ s->session->session_id_length=0; sl=s->session->session_id_length; + die(sl <= sizeof s->session->session_id); *(p++)=sl; memcpy(p,s->session->session_id,sl); p+=sl; @@ -1559,8 +1561,8 @@ EVP_CIPHER *enc = NULL; unsigned char iv[EVP_MAX_IV_LENGTH]; unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH - + EVP_MAX_IV_LENGTH + 1]; - int padl, outl = sizeof(pms); + + EVP_MAX_BLOCK_LENGTH]; + int padl, outl; krb5_timestamp authtime = 0; krb5_ticket_times ttimes; @@ -1582,6 +1584,16 @@ enc_pms.length = i; enc_pms.data = (char *)p; p+=enc_pms.length; + + /* Note that the length is checked again below, + ** after decryption + */ + if(enc.pms_length > sizeof pms) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, + SSL_R_DATA_LENGTH_TOO_LONG); + goto err; + } if (n != enc_ticket.length + authenticator.length + enc_pms.length + 6) Index: ssl/ssl.h =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/ssl.h,v retrieving revision 1.126.2.7 diff -u -r1.126.2.7 ssl.h --- ssl/ssl.h 2002/07/04 08:50:31 1.126.2.7 +++ ssl/ssl.h 2002/07/30 09:55:05 @@ -1650,6 +1650,7 @@ #define SSL_R_INVALID_COMMAND 280 #define SSL_R_INVALID_PURPOSE 278 #define SSL_R_INVALID_TRUST 279 +#define SSL_R_KEY_ARG_TOO_LONG 1112 #define SSL_R_KRB5 1104 #define SSL_R_KRB5_C_CC_PRINC 1094 #define SSL_R_KRB5_C_GET_CRED 1095 @@ -1729,6 +1730,7 @@ #define SSL_R_SHORT_READ 219 #define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 #define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 +#define SSL_R_SSL3_SESSION_ID_TOO_LONG 1113 #define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 #define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 #define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 Index: ssl/ssl_asn1.c =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/ssl_asn1.c,v retrieving revision 1.9.2.2 diff -u -r1.9.2.2 ssl_asn1.c --- ssl/ssl_asn1.c 2002/07/10 06:57:51 1.9.2.2 +++ ssl/ssl_asn1.c 2002/07/30 09:55:05 @@ -62,6 +62,7 @@ #include <openssl/asn1_mac.h> #include <openssl/objects.h> #include <openssl/x509.h> +#include "cryptlib.h" typedef struct ssl_session_asn1_st { @@ -296,6 +297,7 @@ os.length=i; ret->session_id_length=os.length; + die(os.length <= sizeof ret->session_id); memcpy(ret->session_id,os.data,os.length); M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); Index: ssl/ssl_err.c =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/ssl_err.c,v retrieving revision 1.41 diff -u -r1.41 ssl_err.c --- ssl/ssl_err.c 2001/11/10 01:16:28 1.41 +++ ssl/ssl_err.c 2002/07/30 09:55:06 @@ -1,6 +1,6 @@ /* ssl/ssl_err.c */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -275,6 +275,7 @@ {SSL_R_INVALID_COMMAND ,"invalid command"}, {SSL_R_INVALID_PURPOSE ,"invalid purpose"}, {SSL_R_INVALID_TRUST ,"invalid trust"}, +{SSL_R_KEY_ARG_TOO_LONG ,"key arg too long"}, {SSL_R_KRB5 ,"krb5"}, {SSL_R_KRB5_C_CC_PRINC ,"krb5 client cc principal (no tkt?)"}, {SSL_R_KRB5_C_GET_CRED ,"krb5 client get cred"}, @@ -354,6 +355,7 @@ {SSL_R_SHORT_READ ,"short read"}, {SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, {SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"}, +{SSL_R_SSL3_SESSION_ID_TOO_LONG ,"ssl3 session id too long"}, {SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"}, {SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"}, {SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"}, Index: ssl/ssl_sess.c =================================================================== RCS file: /e/openssl/cvs/openssl/ssl/ssl_sess.c,v retrieving revision 1.40 diff -u -r1.40 ssl_sess.c --- ssl/ssl_sess.c 2002/02/10 12:46:41 1.40 +++ ssl/ssl_sess.c 2002/07/30 09:55:06 @@ -60,6 +60,7 @@ #include <openssl/lhash.h> #include <openssl/rand.h> #include "ssl_locl.h" +#include "cryptlib.h" static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); @@ -250,6 +251,7 @@ ss->session_id_length=0; } + die(s->sid_ctx_length <= sizeof ss->sid_ctx); memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length); ss->sid_ctx_length=s->sid_ctx_length; s->session=ss;
This archive was generated by hypermail 2b30 : Tue Jul 30 2002 - 07:04:24 PDT