Bug 1566748 - xmlSecOpenSSLX509DataNodeRead fails to return error
Summary: xmlSecOpenSSLX509DataNodeRead fails to return error
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: xmlsec1
Version: 28
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: John Dennis
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-04-12 23:01 UTC by John Dennis
Modified: 2018-05-09 21:24 UTC (History)
2 users (show)

Fixed In Version: xmlsec1-1.2.25-4.fc28
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-05-09 21:24:17 UTC
Type: Bug


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github lsh123 xmlsec issues 164 0 None None None 2018-04-12 23:04:21 UTC

Description John Dennis 2018-04-12 23:01:31 UTC
Upstream commit aaf82cc broke xmlSecKeyInfoNodeRead(), at least for the openssl crypto provider. Here is the problem:

In xmlSecOpenSSLX509DataNodeRead (src/openssl/x509.c:910) there is a loop that iterates over the child nodes. Before the commit there was an error check INSIDE THE LOOP. Here is what it used to be:


        if(ret < 0) {
            xmlSecError(XMLSEC_ERRORS_HERE,
                        xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)),
                        xmlSecErrorsSafeString(xmlSecNodeGetName(cur)),
                        XMLSEC_ERRORS_R_XMLSEC_FAILED,
                        "read node failed");
            return(-1);
        }


Now with the commit each of the calls in the loop has it own error reporting code, for example:


            if(ret < 0) {
                xmlSecInternalError2("xmlSecOpenSSLX509CertificateNodeRead",
                                     xmlSecKeyDataGetName(data),
                                     "node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
            }


However there are NO return(-1); statements inside any of the error checks, nor does the  `xmlSecInternalError2` macro execute a return. The consequence is the loop terminates despite errors and executes return(0); just prior to exiting the function.

The net result is that errors are no longer reported, the function always returns success.

I have not reviewed the rest of the commit to see if a similar mistake was made in any of the other crypto providers.

Comment 1 John Dennis 2018-04-12 23:06:36 UTC
fixed in this upstream commit:
https://github.com/lsh123/xmlsec/commit/b16512bab8c2e006036b7ec5a1fbbff35fe67e94

Comment 2 Fedora Update System 2018-05-02 14:08:49 UTC
xmlsec1-1.2.25-4.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-e26d7e7396

Comment 3 Fedora Update System 2018-05-03 20:22:12 UTC
xmlsec1-1.2.25-4.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-e26d7e7396

Comment 4 Fedora Update System 2018-05-09 21:24:17 UTC
xmlsec1-1.2.25-4.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.