projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2d0e5d4) | patch
Fix EC_GROUP_new_from_ecparameters to check the base length
authorMatt Caswell <matt@openssl.org>
Thu, 19 Aug 2021 11:24:17 +0000 (12:24 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 24 Aug 2021 12:19:00 +0000 (13:19 +0100)
commit94d23fcff9b2a7a8368dfe52214d5c2569882c11
tree33a68840087a53dc026075e17c231eb59030405ftree | snapshot
parent2d0e5d4a4a5d4332325b5e5cea492fad2be633e1commit | diff
Fix EC_GROUP_new_from_ecparameters to check the base length

Check that there's at least one byte in params->base before trying to
read it.

CVE-2021-3712

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
crypto/ec/ec_asn1.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.