projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix length checks in X509_cmp_time to avoid out-of-bounds reads.
[openssl.git] / crypto / ec / ec_check.c
diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c
index 1d44ad228321c8dcbbe5dcb5aaca8c447e04bccd..bdbf91c4707e4196b4c0e3b922cacfa11aca5759 100644 (file)
--- a/crypto/ec/ec_check.c
+++ b/crypto/ec/ec_check.c
@@ -85,7 +85,7 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
         ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR);
         goto err;
     }
-    if (!EC_POINT_is_on_curve(group, group->generator, ctx)) {
+    if (EC_POINT_is_on_curve(group, group->generator, ctx) <= 0) {
         ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE);
         goto err;
     }
Unnamed repository; edit this file 'description' to name the repository.