[openssl/openssl] 8d6ea2: Check for 0 modulus in BN_RECP_CTX_set.
openssl-machine
noreply at github.com
Sun Jun 25 22:10:08 UTC 2023
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: 8d6ea2d2c3cfdb1f09898ee98362b057893e6f14
https://github.com/openssl/openssl/commit/8d6ea2d2c3cfdb1f09898ee98362b057893e6f14
Author: fullwaywang <fullwaywang at tencent.com>
Date: 2023-06-26 (Mon, 26 Jun 2023)
Changed paths:
M crypto/bn/bn_recp.c
Log Message:
-----------
Check for 0 modulus in BN_RECP_CTX_set.
The function BN_RECP_CTX_set did not check whether arg d is zero,
in which case an early failure should be returned to the invoker.
This is a similar fix to the cognate defect of CVE-2015-1794.
Fixes #21111
CLA: trivial
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21255)
(cherry picked from commit 43596b306b1fe06da3b1a99e07c0cf235898010d)
More information about the openssl-commits
mailing list