Fix NULL dereference when validating FFC public key.
author slontis <shane.lontis@oracle.com>
Wed, 11 Jan 2023 01:05:04 +0000 (11:05 +1000)
committer Tomas Mraz <tomas@openssl.org>
Tue, 7 Feb 2023 16:05:10 +0000 (17:05 +0100)
commit bcec03c33cc00a7b5eb89ebeeee59e604570a86a
tree dfad452c9fd62d3a7492b04edfb2e6227a1f0345
parent 3436f9c24ab90c1661e4798e7944f028d5d251ce
Fix NULL dereference when validating FFC public key.

Fixes CVE-2023-0217

When attempting to do a BN_copy of params->p there was no NULL check.
Since BN_copy does not check for NULL, this is a NULL reference.

As an aside, BN_cmp() does do a NULL check, so there are other checks
that fail because a NULL is passed. A more general check for NULL params
has been added for both FFC public and private key validation instead.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
crypto/ffc/ffc_key_validate.c
include/internal/ffc.h
test/ffc_internal_test.c