Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix EC_GROUP_new_from_ecparameters to check the base length
Check that there's at least one byte in params->base before trying to read it. CVE-2021-3712 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org>
- Loading branch information
This comment was marked as spam.
Sorry, something went wrong.
94d23fc
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the solution is not equal to the description of cve-2021-3712, such as does still X509_get1_email() function exist the problem? @Kps4444
94d23fc
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ayang05 please note there are multiple commits associated with fixing the cve 2021-3712