artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7d02218) | patch
Fix bounds check in EVP_PKEY_CTX_get_keygen_info()
authortb <tb@openbsd.org>
Mon, 1 Jan 2024 18:33:04 +0000 (18:33 +0000)
committertb <tb@openbsd.org>
Mon, 1 Jan 2024 18:33:04 +0000 (18:33 +0000)
commit7054f42f47971eb9b8f8ee3c8e95f9aaa30a3eb4
treebc98c6cc0426ceb0039fc2e58b3b1647791a5903tree | snapshot
parent7d022182b9af479ae4bf1b1196f9c12066a601f8commit | diff
Fix bounds check in EVP_PKEY_CTX_get_keygen_info()

Replace > with >= for the upper array bound to disallow a 4 byte
overread. For RSA you can read the padding mode and for DH past
the DH_PKEY_CTX. Unfortunately, Ruby thought it important to use
this, so we can't kill it easily.

ok miod
lib/libcrypto/evp/pmeth_gn.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim