git.openssl.org Git - openssl.git/commit

author	slontis <shane.lontis@oracle.com>
	Wed, 11 Jan 2023 01:05:04 +0000 (11:05 +1000)
committer	Tomas Mraz <tomas@openssl.org>
	Fri, 3 Feb 2023 11:38:44 +0000 (12:38 +0100)
commit	23985bac83fd50c8e29431009302b5442f985096
tree	8442bf40c05b8d1f7b8743069cf1ff3be5f75df5	tree \| snapshot
parent	67813d8a4d110f4174bbd2fee8a2f15388e324b5	commit \| diff

Fix NULL deference when validating FFC public key.

Fixes CVE-2023-0217

When attempting to do a BN_Copy of params->p there was no NULL check.
Since BN_copy does not check for NULL this is a NULL reference.

As an aside BN_cmp() does do a NULL check, so there are other checks
that fail because a NULL is passed. A more general check for NULL params
has been added for both FFC public and private key validation instead.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>

crypto/ffc/ffc_key_validate.c		diff \| blob \| history
include/internal/ffc.h		diff \| blob \| history
test/ffc_internal_test.c		diff \| blob \| history