projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7c038a6) | patch
Fix EC_GROUP_new_from_ecparameters to check the base length
authorMatt Caswell <matt@openssl.org>
Thu, 19 Aug 2021 11:24:17 +0000 (12:24 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 24 Aug 2021 13:22:07 +0000 (14:22 +0100)
commit030c5aba94788f152f9ceef3549815df45bef702
tree6b34d4a9be50b30914d202c540cc0f87aacab3a4tree | snapshot
parent7c038a6bcd98d4bbfd2c2892a87a1138d2f7c5f3commit | diff
Fix EC_GROUP_new_from_ecparameters to check the base length

Check that there's at least one byte in params->base before trying to
read it.

CVE-2021-3712

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
crypto/ec/ec_asn1.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.