mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Check for 0 modulus in BN_RECP_CTX_set.

Browse Source 
The function BN_RECP_CTX_set did not check whether arg d is zero,
in which case an early failure should be returned to the invoker.
This is a similar fix to the cognate defect of CVE-2015-1794.

Fixes #21111

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21255)
This commit is contained in:
fullwaywang 2023-06-21 15:00:06 +08:00 committed by Pauli
parent a7c54dde51
commit 43596b306b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/bn/bn_recp.c
View File

@ -42,7 +42,7 @@ void BN_RECP_CTX_free(BN_RECP_CTX *recp)
int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
{
if (!BN_copy(&(recp->N), d))
if (BN_is_zero(d) || !BN_copy(&(recp->N), d))
return 0;
BN_zero(&(recp->Nr));
recp->num_bits = BN_num_bits(d);