git.openssl.org Git - openssl.git/commit

author	slontis <shane.lontis@oracle.com>
	Tue, 21 Mar 2023 05:52:34 +0000 (15:52 +1000)
committer	Todd Short <todd.short@me.com>
	Fri, 31 Mar 2023 19:19:27 +0000 (15:19 -0400)
commit	ce90b5ed8b0849a77336b8ea81ba7983d11e8700
tree	9849677d099ff41d4508b5dd80bb5322d1c03119	tree \| snapshot
parent	cb0ead0e1676361b8e95adc69fc305c36d49cd2b	commit \| diff

Make DSA_sign() test for negative p,q,g values.

Related to #20268

DSA_sign() assumes that the signature passed in is related to DSA_size().
If q is negative then DSA_size() actually fails and returns 0.

A test that tries to allocate the signature buffer using DSA_size() and then
pass it to DSA_sign() will then either.

(1) Have a signature buffer of NULL. In this case it was leaking data
returned via i2d_DSA_SIG.

(2) Cause a seg fault because we created a buffer that was not large
enough to hold the signature. As it already checked zero we also now
check for negative values also.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20553)

(cherry picked from commit 9559ad0e8d433a2a212b63cc848fa2ac82a9b048)

crypto/dsa/dsa_ossl.c		diff \| blob \| history
crypto/dsa/dsa_sign.c		diff \| blob \| history
test/dsatest.c		diff \| blob \| history