projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 591a2bf) | patch
Fix possible infinite loop in BN_mod_sqrt()
authorTomas Mraz <tomas@openssl.org>
Mon, 28 Feb 2022 17:26:21 +0000 (18:26 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 15 Mar 2022 13:35:56 +0000 (13:35 +0000)
commita466912611aa6cbdf550cd10601390e587451246
tree17379f907bdd12b596f24904e95b80f919b0913ftree | snapshot
parent591a2bf08b391955bed512496a20113da26f9f91commit | diff
Fix possible infinite loop in BN_mod_sqrt()

The calculation in some cases does not finish for non-prime p.

This fixes CVE-2022-0778.

Based on patch by David Benjamin <davidben@google.com>.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 9eafb53614bf65797db25f467946e735e1b43dc9)
crypto/bn/bn_sqrt.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.