From 6c1af08be515d9dd771e2026ecb4eb901d03e8d2 Mon Sep 17 00:00:00 2001
From: qsw333 <wangqingsan@huawei.com>
Date: Thu, 18 Jul 2024 14:22:07 +0800
Subject: [PATCH] fix CVE-2024-5535

---
 ...x-SSL_select_next_proto-and-add-ALPN.patch | 169 ++++++++++++++++++
 linux-sgx.spec                                |   8 +-
 2 files changed, 175 insertions(+), 2 deletions(-)
 create mode 100644 backport-CVE-2024-5535-Fix-SSL_select_next_proto-and-add-ALPN.patch

diff --git a/backport-CVE-2024-5535-Fix-SSL_select_next_proto-and-add-ALPN.patch b/backport-CVE-2024-5535-Fix-SSL_select_next_proto-and-add-ALPN.patch
new file mode 100644
index 0000000..bb2e0bf
--- /dev/null
+++ b/backport-CVE-2024-5535-Fix-SSL_select_next_proto-and-add-ALPN.patch
@@ -0,0 +1,169 @@
+From d7afe8e89ced1f4d5f1e5aab474dd9c069115b6e Mon Sep 17 00:00:00 2001
+From: xuhuiyue <xuhuiyue@huawei.com>
+Date: Fri, 28 Jun 2024 17:31:29 +0800
+Subject: [PATCH 2/2] Fix SSL_select_next_proto and add ALPN validation in the
+ client
+
+Fix CVE-2024-5535.
+
+Signed-off-by: xuhuiyue <xuhuiyue@huawei.com>
+---
+ ssl/ssl_lib.c                | 63 +++++++++++++++++++++++-------------
+ ssl/statem/extensions_clnt.c | 27 +++++++++++++++-
+ ssl/statem/extensions_srvr.c |  3 +-
+ 3 files changed, 68 insertions(+), 25 deletions(-)
+
+diff --git a/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/ssl_lib.c b/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/ssl_lib.c
+index 00410a7385..cb2dca4247 100644
+--- a/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/ssl_lib.c
++++ b/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/ssl_lib.c
+@@ -2767,37 +2767,54 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                           unsigned int server_len,
+                           const unsigned char *client, unsigned int client_len)
+ {
+-    unsigned int i, j;
+-    const unsigned char *result;
+-    int status = OPENSSL_NPN_UNSUPPORTED;
++    PACKET cpkt, csubpkt, spkt, ssubpkt;
++
++    if (!PACKET_buf_init(&cpkt, client, client_len)
++            || !PACKET_get_length_prefixed_1(&cpkt, &csubpkt)
++            || PACKET_remaining(&csubpkt) == 0) {
++        *out = NULL;
++        *outlen = 0;
++        return OPENSSL_NPN_NO_OVERLAP;
++    }
++
++    /*
++     * Set the default opportunistic protocol. Will be overwritten if we find
++     * a match.
++     */
++    *out = (unsigned char *)PACKET_data(&csubpkt);
++    *outlen = (unsigned char)PACKET_remaining(&csubpkt);
+ 
+     /*
+      * For each protocol in server preference order, see if we support it.
+      */
+-    for (i = 0; i < server_len;) {
+-        for (j = 0; j < client_len;) {
+-            if (server[i] == client[j] &&
+-                memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
+-                /* We found a match */
+-                result = &server[i];
+-                status = OPENSSL_NPN_NEGOTIATED;
+-                goto found;
++    if (PACKET_buf_init(&spkt, server, server_len)) {
++        while (PACKET_get_length_prefixed_1(&spkt, &ssubpkt)) {
++            if (PACKET_remaining(&ssubpkt) == 0)
++                continue; /* Invalid - ignore it */
++            if (PACKET_buf_init(&cpkt, client, client_len)) {
++                while (PACKET_get_length_prefixed_1(&cpkt, &csubpkt)) {
++                    if (PACKET_equal(&csubpkt, PACKET_data(&ssubpkt),
++                                     PACKET_remaining(&ssubpkt))) {
++                        /* We found a match */
++                        *out = (unsigned char *)PACKET_data(&ssubpkt);
++                        *outlen = (unsigned char)PACKET_remaining(&ssubpkt);
++                        return OPENSSL_NPN_NEGOTIATED;
++                    }
++                }
++                /* Ignore spurious trailing bytes in the client list */
++            } else {
++                /* This should never happen */
++                return OPENSSL_NPN_NO_OVERLAP;
+             }
+-            j += client[j];
+-            j++;
+         }
+-        i += server[i];
+-        i++;
++        /* Ignore spurious trailing bytes in the server list */
+     }
+ 
+-    /* There's no overlap between our protocols and the server's list. */
+-    result = client;
+-    status = OPENSSL_NPN_NO_OVERLAP;
+-
+- found:
+-    *out = (unsigned char *)result + 1;
+-    *outlen = result[0];
+-    return status;
++    /*
++     * There's no overlap between our protocols and the server's list. We use
++     * the default opportunistic protocol selected earlier
++     */
++    return OPENSSL_NPN_NO_OVERLAP;
+ }
+ 
+ #ifndef OPENSSL_NO_NEXTPROTONEG
+diff --git a/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/statem/extensions_clnt.c b/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/statem/extensions_clnt.c
+index c641ae7351..4ad75c8e2d 100644
+--- a/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/statem/extensions_clnt.c
++++ b/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/statem/extensions_clnt.c
+@@ -1602,7 +1602,8 @@ int tls_parse_stoc_npn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+                                   PACKET_data(pkt),
+                                   PACKET_remaining(pkt),
+                                   s->ctx->ext.npn_select_cb_arg) !=
+-             SSL_TLSEXT_ERR_OK) {
++                                  SSL_TLSEXT_ERR_OK
++            || selected_len == 0) {
+         SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PARSE_STOC_NPN,
+                  SSL_R_BAD_EXTENSION);
+         return 0;
+@@ -1633,6 +1634,8 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+                         size_t chainidx)
+ {
+     size_t len;
++    PACKET confpkt, protpkt;
++    int valid = 0;
+ 
+     /* We must have requested it. */
+     if (!s->s3->alpn_sent) {
+@@ -1653,6 +1656,28 @@ int tls_parse_stoc_alpn(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
+                  SSL_R_BAD_EXTENSION);
+         return 0;
+     }
++
++    /* It must be a protocol that we sent */
++    if (!PACKET_buf_init(&confpkt, s->ext.alpn, s->ext.alpn_len)) {
++        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_ALPN, ERR_R_INTERNAL_ERROR);
++        return 0;
++    }
++    while (PACKET_get_length_prefixed_1(&confpkt, &protpkt)) {
++        if (PACKET_remaining(&protpkt) != len)
++            continue;
++        if (memcmp(PACKET_data(pkt), PACKET_data(&protpkt), len) == 0) {
++            /* Valid protocol found */
++            valid = 1;
++            break;
++        }
++    }
++
++    if (!valid) {
++        /* The protocol sent from the server does not match one we advertised */
++        SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_STOC_ALPN, SSL_R_BAD_EXTENSION);
++        return 0;
++    }
++
+     OPENSSL_free(s->s3->alpn_selected);
+     s->s3->alpn_selected = OPENSSL_malloc(len);
+     if (s->s3->alpn_selected == NULL) {
+diff --git a/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/statem/extensions_srvr.c b/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/statem/extensions_srvr.c
+index 775d9a7444..a08027fd6d 100644
+--- a/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/statem/extensions_srvr.c
++++ b/external/dcap_source/QuoteVerification/sgxssl/openssl_source/openssl-1.1.1t/ssl/statem/extensions_srvr.c
+@@ -1562,9 +1562,10 @@ EXT_RETURN tls_construct_stoc_next_proto_neg(SSL *s, WPACKET *pkt,
+             return EXT_RETURN_FAIL;
+         }
+         s->s3->npn_seen = 1;
++        return EXT_RETURN_SENT;
+     }
+ 
+-    return EXT_RETURN_SENT;
++    return EXT_RETURN_NOT_SENT;
+ }
+ #endif
+ 
+-- 
+2.33.0
+
+
diff --git a/linux-sgx.spec b/linux-sgx.spec
index 4d8bb40..0030220 100644
--- a/linux-sgx.spec
+++ b/linux-sgx.spec
@@ -1,6 +1,6 @@
 Name:           linux-sgx
 Version:        2.19
-Release:        5
+Release:        6
 Summary:        Intel(R) Software Guard Extensions for Linux* OS
 ExclusiveArch:	x86_64
 License:        BSD-3-Clause
@@ -35,10 +35,11 @@ Patch6:         0007-fix-C-17-build-failed.patch
 Patch7:         backport-CVE-2023-0464-x509-excessive-resource-use-verifying-policy-constra.patch
 Patch8:         backport-CVE-2023-0465-Ensure-that-EXFLAG_INVALID_POLICY-is-checked-even-in.patch
 Patch9:         backport-CVE-2023-0466-Fix-documentation-of-X509_VERIFY_PARAM_add0_policy.patch
-Patch10:         backport-CVE-2023-2650-Restrict-the-size-of-OBJECT-IDENTIFIERs-that-OBJ_obj.patch
+Patch10:        backport-CVE-2023-2650-Restrict-the-size-of-OBJECT-IDENTIFIERs-that-OBJ_obj.patch
 Patch11:        backport-CVE-2023-3446-Fix-DH_check-excessive-time-with-over-sized-modulus.patch
 Patch12:        backport-CVE-2023-3817-DH_check-Do-not-try-checking-q-properties-if-it-is-o.patch
 Patch13:        backport-CVE-2023-5678-Make-DH_check_pub_key-and-DH_generate_key-safer-yet.patch
+Patch14:        backport-CVE-2024-5535-Fix-SSL_select_next_proto-and-add-ALPN.patch
 
 BuildRequires:  gcc-c++ protobuf-devel libtool ocaml ocaml-ocamlbuild compat-openssl11-devel cmake python curl-devel createrepo_c git nasm
 BuildRequires:  protobuf-lite-devel protobuf-c-devel boost-devel
@@ -878,6 +879,9 @@ if [ -x /opt/intel/sgx-dcap-pccs/startup.sh ]; then /opt/intel/sgx-dcap-pccs/sta
 %files -n libsgx-headers -f %{LINUX_INSTALLER_RPM_DIR}/libsgx-headers/build/list-libsgx-headers
 
 %changelog
+* Thu Jul 18 2024 wangqingsan<wangqingsan@huawei.com> - 2.19-6
+- fix CVE-2024-5535
+
 * Mon Jun 17 2024 gengqihu<gengqihu2@h-partners.com> - 2.19-5
 - Disabling the Automatic Startup of Software Package Upgrade
 
-- 
Gitee