openssl/include
slontis bcec03c33c Fix NULL dereference when validating FFC public key.
Fixes CVE-2023-0217

When attempting to do a BN_copy of params->p there was no NULL check.
Since BN_copy does not check for NULL this is a NULL reference.

As an aside BN_cmp() does do a NULL check, so there are other checks
that fail because a NULL is passed. A more general check for NULL params
has been added for both FFC public and private key validation instead.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2023-02-07 17:05:10 +01:00
..
crypto Fix Timing Oracle in RSA decryption 2023-02-07 17:05:10 +01:00
internal Fix NULL dereference when validating FFC public key. 2023-02-07 17:05:10 +01:00
openssl Implement BIO_s_dgram_mem() reusing the BIO_s_dgram_pair() code 2023-01-27 16:11:38 +01:00