Bug 1033570

Summary: nettle: guard against large alloca sizes
Product: Red Hat Enterprise Linux 7 Reporter: Florian Weimer <fweimer>
Component: nettleAssignee: Nikos Mavrogiannopoulos <nmavrogi>
Status: CLOSED CURRENTRELEASE QA Contact: Aleš Mareček <amarecek>
Severity: high Docs Contact:
Priority: high    
Version: 7.0CC: amarecek, nmavrogi, tmraz
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: nettle-2.6-3.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-13 12:02:25 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1033527    

Description Florian Weimer 2013-11-22 12:06:23 UTC
In several places, TMP_ALLOC is used with potentially large arguments.  This can cause a stack overflow.  Functions taking key_size arguments (e.g., pkcs1_decrypt, pkcs1_encrypt, pkcs1_rsa_digest_encode, ...) and nettle_mpz_random_size are affected.

Comment 2 Nikos Mavrogiannopoulos 2013-12-11 11:06:10 UTC
I got in contact with upstream to get a fix. Once the upstream decides on the fix I'll backport it.

http://lists.lysator.liu.se/pipermail/nettle-bugs/2013/002853.html

Comment 3 Nikos Mavrogiannopoulos 2013-12-13 16:17:00 UTC
http://lists.lysator.liu.se/pipermail/nettle-bugs/2013/002898.html

Comment 10 Ludek Smid 2014-06-13 12:02:25 UTC
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.