diff options
author | slontis <shane.lontis@oracle.com> | 2023-01-11 11:05:04 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-02-07 17:02:47 +0100 |
commit | 6e0760302b4906560034a386d30199d25816518f (patch) | |
tree | 24c7edda4b608654ab8184ba53aae6cfe7640f46 /include | |
parent | c05921c4b833909cbf998787a05e15c4fb8650d4 (diff) |
Fix NULL deference when validating FFC public key.
Fixes CVE-2023-0217
When attempting to do a BN_Copy of params->p there was no NULL check.
Since BN_copy does not check for NULL this is a NULL reference.
As an aside BN_cmp() does do a NULL check, so there are other checks
that fail because a NULL is passed. A more general check for NULL params
has been added for both FFC public and private key validation instead.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/internal/ffc.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/internal/ffc.h b/include/internal/ffc.h index 732514a6c2..b8b7140857 100644 --- a/include/internal/ffc.h +++ b/include/internal/ffc.h @@ -76,6 +76,7 @@ # define FFC_ERROR_NOT_SUITABLE_GENERATOR 0x08 # define FFC_ERROR_PRIVKEY_TOO_SMALL 0x10 # define FFC_ERROR_PRIVKEY_TOO_LARGE 0x20 +# define FFC_ERROR_PASSED_NULL_PARAM 0x40 /* * Finite field cryptography (FFC) domain parameters are used by DH and DSA. |