mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity

wolfssl: patch CVE-2026-5188

Browse Source 
Backport commit from the PR[1] mentioned in the nvd[2]

[1]https://github.com/wolfSSL/wolfssl/pull/10024
[2]https://nvd.nist.gov/vuln/detail/CVE-2026-5188

Dropped unit test changes during the backport.

Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This commit is contained in:
Ankur Tyagi
2026-04-30 23:46:42 +12:00
committed by Anuj Mittal
parent 6ed3dfda05
commit bec67650c1
2 changed files with 102 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-networking/recipes-connectivity/wolfssl/files/CVE-2026-5188.patch
+101
View File
@@ -0,0 +1,101 @@
From 928e64ee08438203cc966d122bb9736361bd6fc7 Mon Sep 17 00:00:00 2001
From: Eric Blankenhorn <eric@wolfssl.com>
Date: Fri, 20 Mar 2026 08:16:47 -0500
Subject: [PATCH] Fix DecodeAltNames length check
(cherry picked from commit 6446bb21155e80a41538d1f815a6cf5a5a0cc0f8)
CVE: CVE-2026-5188
Upstream-Status: Backport [https://github.com/wolfSSL/wolfssl/commit/6446bb21155e80a41538d1f815a6cf5a5a0cc0f8]
Dropped unit test changes during the backport.
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
wolfcrypt/src/asn.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index af74678c5..b00568534 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -19769,6 +19769,9 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
AddAltName(cert, dnsEntry);
+ if (strLen > length) {
+ return ASN_PARSE_E;
+ }
length -= strLen;
idx += (word32)strLen;
}
@@ -19810,6 +19813,9 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
dirEntry->next = cert->altDirNames;
cert->altDirNames = dirEntry;
+ if (strLen > length) {
+ return ASN_PARSE_E;
+ }
length -= strLen;
idx += (word32)strLen;
}
@@ -19845,6 +19851,9 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
emailEntry->next = cert->altEmailNames;
cert->altEmailNames = emailEntry;
+ if (strLen > length) {
+ return ASN_PARSE_E;
+ }
length -= strLen;
idx += (word32)strLen;
}
@@ -19924,6 +19933,9 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
AddAltName(cert, uriEntry);
+ if (strLen > length) {
+ return ASN_PARSE_E;
+ }
length -= strLen;
idx += (word32)strLen;
}
@@ -19970,6 +19982,9 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
}
AddAltName(cert, ipAddr);
+ if (strLen > length) {
+ return ASN_PARSE_E;
+ }
length -= strLen;
idx += (word32)strLen;
}
@@ -20018,6 +20033,9 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
AddAltName(cert, rid);
+ if (strLen > length) {
+ return ASN_PARSE_E;
+ }
length -= strLen;
idx += (word32)strLen;
}
@@ -20035,6 +20053,9 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
return ASN_PARSE_E;
}
/* Consume the rest of this sequence. */
+ if ((int)((word32)strLen + idx - lenStartIdx) > length) {
+ return ASN_PARSE_E;
+ }
length -= (int)(((word32)strLen + idx - lenStartIdx));
if (GetObjectId(input, &idx, &oid, oidCertAltNameType, sz) < 0) {
@@ -20087,6 +20108,9 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
WOLFSSL_MSG("\tfail: unsupported name length");
return ASN_PARSE_E;
}
+ if ((int)((word32)strLen + idx - lenStartIdx) > length) {
+ return ASN_PARSE_E;
+ }
length -= (int)((word32)strLen + idx - lenStartIdx);
idx += (word32)strLen;
}
meta-networking/recipes-connectivity/wolfssl/wolfssl_5.8.0.bb
+1
View File
@@ -39,6 +39,7 @@ SRC_URI = " \
file://CVE-2026-4395.patch \
file://CVE-2026-1005.patch \
file://CVE-2026-3580.patch \
file://CVE-2026-5188.patch \
"
SRCREV = "b077c81eb635392e694ccedbab8b644297ec0285"