bpo-35746: Fix segfault in ssl's cert parser #11569
Merged
CVE-2019-5010, Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Signed-off-by: Christian Heimes <christian@python.org>
Verified that the new test causes segfaults on 3.7 and 3.6 and that the fix to _ssl.c when cherry-picked to 3.7 and 3.6 prevents those segfaults.
a37f524 into python:master
5 checks passed
miss-islington commented Jan 15, 2019
Thanks @tiran for the PR
bedevere-bot commented Jan 15, 2019
GH-11572 is a backport of this pull request to the 3.7 branch.
miss-islington added a commit to miss-islington/cpython that referenced this pull request Jan 15, 2019
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Signed-off-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue35746 (cherry picked from commit a37f524) Co-authored-by: Christian Heimes <christian@python.org>
bedevere-bot commented Jan 15, 2019
GH-11573 is a backport of this pull request to the 3.6 branch.
miss-islington added a commit to miss-islington/cpython that referenced this pull request Jan 15, 2019
bedevere-bot commented Jan 15, 2019
GH-11574 is a backport of this pull request to the 2.7 branch.
miss-islington added a commit to miss-islington/cpython that referenced this pull request Jan 15, 2019
miss-islington added a commit that referenced this pull request Jan 15, 2019
miss-islington added a commit that referenced this pull request Jan 15, 2019
ned-deily added a commit that referenced this pull request Jan 16, 2019
vstinner added a commit to vstinner/cpython that referenced this pull request Feb 15, 2019
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Signed-off-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue35746 (cherry picked from commit a37f524)
vstinner added a commit to vstinner/cpython that referenced this pull request Feb 15, 2019
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco. Signed-off-by: Christian Heimes <christian@python.org> (cherry picked from commit a37f524)
vstinner added a commit to vstinner/cpython that referenced this pull request Feb 15, 2019
larryhastings added a commit that referenced this pull request Feb 25, 2019
larryhastings added a commit that referenced this pull request Feb 26, 2019
arnolddumas added a commit to arnolddumas/cpython that referenced this pull request May 3, 2019
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Signed-off-by: Christian Heimes <christian@python.org> https://bugs.python.org/issue35746
tiran commented Jan 15, 2019 (edited by bedevere-bot)
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.
Signed-off-by: Christian Heimes <christian@python.org>
https://bugs.python.org/issue35746
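
The class of bug described above, modelled as an added example; this is not the code from this pull request, from CPython or from OpenSSL. The struct names, `collect_crl_uris` and `demo_count` are hypothetical stand-ins, and the sample URI is constructed: the point is that an optional field of a decoded certificate arrives as a NULL pointer, so the walker has to skip an empty DP or empty URI before dereferencing it.

```c
#include <stddef.h>

/* Simplified stand-ins for a decoded CRL distribution point extension.
 * Hypothetical types for illustration, not OpenSSL's or CPython's. */
enum name_kind { NAME_URI, NAME_OTHER };
struct general_name { enum name_kind kind; const char *data; size_t length; };
struct dist_point_name { const struct general_name *names; size_t count; };
struct dist_point {
    const struct dist_point_name *name;   /* OPTIONAL field: NULL if absent */
};

/* Store URI strings from all distribution points in out[] and return how
 * many were stored. Empty DPs, non-URI names and empty URIs are skipped. */
size_t collect_crl_uris(const struct dist_point *dps, size_t ndps,
                        const char **out, size_t max_out)
{
    size_t found = 0;
    for (size_t i = 0; dps != NULL && i < ndps; i++) {
        const struct dist_point_name *dpn = dps[i].name;
        if (dpn == NULL || dpn->names == NULL)
            continue;            /* empty DP: nothing to dereference */
        for (size_t j = 0; j < dpn->count && found < max_out; j++) {
            const struct general_name *gn = &dpn->names[j];
            if (gn->kind != NAME_URI || gn->data == NULL || gn->length == 0)
                continue;        /* not a URI, or an empty one */
            out[found++] = gn->data;
        }
    }
    return found;
}

/* Constructed sample: an empty DP followed by a DP holding an empty URI,
 * a non-URI name and one usable URI. */
size_t demo_count(void)
{
    static const struct general_name names[] = {
        { NAME_URI, NULL, 0 },
        { NAME_OTHER, "x", 1 },
        { NAME_URI, "http://crl.example.test/ca.crl", 30 },
    };
    static const struct dist_point_name dpn = { names, 3 };
    const struct dist_point dps[] = { { NULL }, { &dpn } };
    const char *out[4];
    return collect_crl_uris(dps, 2, out, 4);
}
```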