Check that there's at least one byte in params->base before trying to
read it.
CVE-2021-3712
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
if (params->order == NULL
|| params->base == NULL
- || params->base->data == NULL) {
+ || params->base->data == NULL
+ || params->base->length == 0) {
ERR_raise(ERR_LIB_EC, EC_R_ASN1_ERROR);
goto err;
}