daily pastebin goal
28%
SHARE
TWEET

OpenSSL 1.0.0.g callgraph for X.509 parsing bug

a guest May 14th, 2012 153 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Simple grep for finding any possible code calling the affected OpenSSL functions:
  2.  
  3. find . -exec grep -wnHP '(asn1_d2i_read_bio|ASN1_d2i_bio|ASN1_d2i_fp|d2i_RSA_PUBKEY_fp|ASN1_item_d2i_bio|ASN1_item_d2i_fp|d2i_PKCS12_fp|d2i_X509_fp|d2i_X509_CRL_fp|d2i_PKCS7_fp|d2i_X509_REQ_fp|d2i_RSAPrivateKey_fp|d2i_RSAPublicKey_fp|b64_read_asn1|SMIME_read_ASN1|SMIME_read_CMS|SMIME_read_PKCS7|d2i_CMS_bio|d2i_PKCS12_bio|d2i_X509_bio|X509_load_cert_file|SSL_use_certificate_file|d2i_X509_CRL_bio|X509_load_crl_file|get_cert_by_subject|x509_dir_lookup|X509_LOOKUP_hash_dir|X509_STORE_set_default_paths|SSL_CTX_set_default_verify_paths|X509_STORE_load_locations|SSL_CTX_load_verify_locations|d2i_PKCS7_bio|d2i_X509_REQ_bio|d2i_RSAPrivateKey_bio|SSL_use_RSAPrivateKey_file|SSL_CTX_use_RSAPrivateKey_file|d2i_RSAPublicKey_bio)' {} ';'
  4.  
  5.  
  6. Callgraph from openssl 1.0.0g, leftmost are callees, to the right callers:
  7.  
  8. asn1_d2i_read_bio
  9.     ASN1_d2i_bio
  10.         ASN1_d2i_fp
  11.             d2i_RSA_PUBKEY_fp
  12.     ASN1_item_d2i_bio
  13.         ASN1_item_d2i_fp
  14.             d2i_PKCS12_fp
  15.                 main (demos/pkread.c)
  16.             d2i_X509_fp
  17.             d2i_X509_CRL_fp
  18.             d2i_PKCS7_fp
  19.             d2i_X509_REQ_fp
  20.             d2i_RSAPrivateKey_fp
  21.             d2i_RSAPublicKey_fp
  22.         b64_read_asn1
  23.             SMIME_read_ASN1
  24.                 SMIME_read_CMS
  25.                     main (demos/cms/cms_dec.c)
  26.                     main (demos/cms/cms_uncomp.c)
  27.                     main (demos/cms/cms_ver.c)
  28.                 SMIME_read_PKCS7
  29.                     main (apps/smime.c)
  30.                     main (demos/smime/smdec.c)
  31.                     main (demos/smime/smver.c)
  32.         d2i_CMS_bio
  33.             main (apps/cms.c)
  34.         d2i_PKCS12_bio
  35.             load_pkcs12 (apps/apps.c)
  36.             main (apps/pkcs12.c)
  37.         d2i_X509_bio
  38.             load_cert (apps/apps.c)
  39.             X509_load_cert_file
  40.             SSL_use_certificate_file
  41.         d2i_X509_CRL_bio
  42.             load_crl (apps/crl.c)
  43.             main (apps/crl2p7.c)
  44.             X509_load_crl_file
  45.                 get_cert_by_subject
  46.                     x509_dir_lookup (some callback struct)
  47.                         X509_LOOKUP_hash_dir
  48.                             X509_STORE_set_default_paths
  49.                                 main (crypto/pkcs7/dec.c)
  50.                                 main (crypto/pkcs7/verify.c)
  51.                                 SSL_CTX_set_default_verify_paths
  52.                                     many apps/*.c and test *.c files (main() function)
  53.                             X509_STORE_load_locations
  54.                                 SSL_CTX_load_verify_locations
  55.                                     many demos, apps and test *.c files
  56.                                 many *.c files (main() functions)
  57.                             many files in apps/*.c
  58.         d2i_PKCS7_bio
  59.             apps/*.c files
  60.         d2i_X509_REQ_bio
  61.             main (apps/req.c)
  62.         d2i_RSAPrivateKey_bio
  63.             SSL_use_RSAPrivateKey_file
  64.             SSL_CTX_use_RSAPrivateKey_file
  65.                 main (ssl/ssl_task.c)
  66.                 main (demos/ssl/inetdsrv.cpp)
  67.                 main (crypto/threads/mttest.c)
  68.         d2i_RSAPublicKey_bio
  69.             load_pubkey (apps/apps.c)
  70.         load_cert (apps/apps.c)
  71.             lot of files from apps/, seems to read only from disk (this is the openssl binary executable(s))
RAW Paste Data
Top