Bug #740

closed

Vulnerability in certificate verification code in dcmsign

Added by Marco Eichelberg over 8 years ago. Updated over 8 years ago.

Status: Closed
Priority: High
Category: -
Target version:
Start date: 2017-03-24
Due date:
% Done: 100%
Estimated time:
Module: dcmsign
Operating System:
Compiler:

Description

阮;琳琦 <> writes:

Recently we made a large-scale security static analysis on several open source projects, and found some mistakes in dcmtk-3.6.0. In dcmsign/libsrc/sicertvf.cc:122:

 OFCondition SiCertificateVerifier::verifyCertificate(SiCertificate& certificate)
 {
   errorCode = 0;
   X509 *rawcert = certificate.getRawCertificate();
   if (rawcert == NULL) return SI_EC_VerificationFailed_NoCertificate;
   X509_STORE_CTX ctx;
   X509_STORE_CTX_init(&ctx, x509store, rawcert, NULL);
   int ok = X509_verify_cert(&ctx); /* returns nonzero if successful */
   errorCode = X509_STORE_CTX_get_error(&ctx);
   X509_STORE_CTX_cleanup(&ctx);
   if (ok) return EC_Normal; else return SI_EC_VerificationFailed_NoTrust;
 }

X509_verify_cert is a function which discovers and verifies an X509 certificate chain. If a complete chain can be built and validated, this function returns 1; otherwise it returns 0; in exceptional circumstances it can return -1. Here the developers take the wrong verification mode (ignoring -1): the control expression (if (ok)) is also true in the case when -1 is returned. As a result, the program would behave as if the verification is valid, and MITM attacks will occur.

The solution is to turn the judgment statement if(ok) into if(ok==1).
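
The return-value handling described in the report, as an added example that is not part of the original report or of DCMTK. `fake_verify`, the scenario names and the `Verdict` type are hypothetical stand-ins that mimic the 1 / 0 / -1 return values the report describes for X509_verify_cert, so the block runs without OpenSSL.

```cpp
// Added illustration, not DCMTK code. fake_verify() is a hypothetical stand-in
// for X509_verify_cert() with the tri-state return described in the report:
// 1 = chain valid, 0 = chain rejected, -1 = exceptional circumstances.
#include <cstdio>

enum Verdict { TRUSTED, NOT_TRUSTED, VERIFY_ERROR };

// Constructed scenarios standing in for real certificates.
enum Scenario { GOOD_CHAIN, UNKNOWN_ISSUER, INTERNAL_FAILURE };

int fake_verify(Scenario s)
{
    switch (s) {
        case GOOD_CHAIN:       return 1;
        case UNKNOWN_ISSUER:   return 0;
        case INTERNAL_FAILURE: return -1;  // the check itself could not be completed
    }
    return -1;
}

// Pattern from the report: any nonzero value, including -1, counts as success.
bool accept_truthy(int ok) { return ok ? true : false; }

// Fail-closed pattern: only the exact success value is accepted.
bool accept_strict(int ok) { return ok == 1; }

// Keeps "rejected" and "could not verify" apart for logging; neither is trusted.
Verdict classify(int ok)
{
    if (ok == 1) return TRUSTED;
    if (ok == 0) return NOT_TRUSTED;
    return VERIFY_ERROR;
}

int main()
{
    const Scenario all[] = { GOOD_CHAIN, UNKNOWN_ISSUER, INTERNAL_FAILURE };
    const char *names[] = { "good chain", "unknown issuer", "internal failure" };
    for (int i = 0; i < 3; ++i) {
        int ok = fake_verify(all[i]);
        std::printf("%-16s ret=%2d  if(ok)=%s  if(ok==1)=%s\n", names[i], ok,
                    accept_truthy(ok) ? "accept" : "reject",
                    accept_strict(ok) ? "accept" : "reject");
    }
    return 0;
}
```

Only the internal-failure row differs between the two checks, which is why this class of bug passes functional tests that exercise only valid and untrusted certificates.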
