[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Rich Salz
rsalz at openssl.org
Wed Feb 22 18:15:55 UTC 2017
The branch OpenSSL_1_1_0-stable has been updated
via b757d2d82fd3ed4028d505b645258c9d97115443 (commit)
from d8d3b66971dab2b54dd0946d85fd45a2470714a8 (commit)
- Log -----------------------------------------------------------------
commit b757d2d82fd3ed4028d505b645258c9d97115443
Author: Rich Salz <rsalz at openssl.org>
Date: Wed Feb 22 13:11:08 2017 -0500
Iterate over EC_GROUP's poly array in a safe way
Prevent that memory beyond the last element is accessed if every element
of group->poly[] is non-zero
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2689)
(cherry picked from commit 57f48f939ed5d3119e3c691ea0a8a3ac2f4a1a9e)
-----------------------------------------------------------------------
Summary of changes:
crypto/ec/ec_asn1.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 4f4d1ed..b6b13d3 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -15,15 +15,18 @@
int EC_GROUP_get_basis_type(const EC_GROUP *group)
{
- int i = 0;
+ int i;
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
NID_X9_62_characteristic_two_field)
/* everything else is currently not supported */
return 0;
- while (group->poly[i] != 0)
- i++;
+ /* Find the last non-zero element of group->poly[] */
+ for (i = 0;
+ i < (int)OSSL_NELEM(group->poly) & group->poly[i] != 0;
+ i++)
+ continue;
if (i == 4)
return NID_X9_62_ppBasis;
More information about the openssl-commits
mailing list