artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1b76e18) | patch
Avoid an infinite loop that can be triggered by parsing an ASN.1
authorjsing <jsing@openbsd.org>
Thu, 11 Jun 2015 15:55:28 +0000 (15:55 +0000)
committerjsing <jsing@openbsd.org>
Thu, 11 Jun 2015 15:55:28 +0000 (15:55 +0000)
commit1bb265c6dc8ae140ac96aacb27c882cafd49dd4a
tree7f5eed12d38a8d4edc805d96e545e98c6f1824f5tree | snapshot
parent1b76e181a631b82962326b46e9c8f26a84842888commit | diff
Avoid an infinite loop that can be triggered by parsing an ASN.1
ECParameters structure that has a specially malformed binary polynomial
field.

Issue reported by Joseph Barr-Pixton and fix based on OpenSSL.

Fixes CVE-2015-1788.

ok doug@ miod@
lib/libcrypto/bn/bn_gf2m.c diff | blob | history
lib/libssl/src/crypto/bn/bn_gf2m.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim