Skip to content

Commit 94d23fc

Browse files
committed
Fix EC_GROUP_new_from_ecparameters to check the base length
Check that there's at least one byte in params->base before trying to read it. CVE-2021-3712 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
1 parent 2d0e5d4 commit 94d23fc

File tree

1 file changed

+4
-1
lines changed

1 file changed

+4
-1
lines changed

Diff for: crypto/ec/ec_asn1.c

+4-1
Original file line numberDiff line numberDiff line change
@@ -761,7 +761,10 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
761761
ret->seed_len = params->curve->seed->length;
762762
}
763763

764-
if (!params->order || !params->base || !params->base->data) {
764+
if (params->order == NULL
765+
|| params->base == NULL
766+
|| params->base->data == NULL
767+
|| params->base->length == 0) {
765768
ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
766769
goto err;
767770
}

0 commit comments

Comments
 (0)