kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,689 Commits 12 Branches 0 Tags 38 MiB
C 43.1%
C++ 23.5%
Go 13.6%
Raku 10.8%
Perl 4%
Other 4.9%
9e45d6e42f
Go to file
David Benjamin 9e45d6e42f Check for 0 modulus in BN_MONT_CTX_set. 
The function BN_MONT_CTX_set was assuming that the modulus was non-zero
and therefore that |mod->top| > 0. In an error situation that may not be
the case and could cause a seg fault.

This is a follow on from CVE-2015-1794.

(Imported from upstream's 512368c9ed4d53fb230000e83071eb81bf628b22.)

The CVE itself doesn't affect us as the bit strength check in the DHE logic
excludes zero.

Also add tests to bn_test for a couple of division by zero cases. (This and
BN_div.)

Change-Id: Ibd8ef98d6be48eb95110021c23cd8e278656764d
Reviewed-on: https://boringssl-review.googlesource.com/5690
Reviewed-by: Adam Langley <agl@google.com>
2015-08-17 20:32:38 +00:00
crypto Check for 0 modulus in BN_MONT_CTX_set. 2015-08-17 20:32:38 +00:00
decrepit Restore |DES_ede3_cfb_encrypt| and |DES_ede3_cfb64_encrypt| from OpenSSL at ce7e647b. 2015-06-24 01:33:31 +00:00
doc
include/openssl Get overflow checks right in BN_bin2bn. 2015-08-17 20:30:00 +00:00
ssl Remove SSL_CTRL_SET_CLIENT_CERT_TYPES. 2015-08-17 19:15:14 +00:00
tool Convert the Channel ID extension to the new system. 2015-07-21 21:44:11 +00:00
util Get rid of err function codes. 2015-07-16 02:02:08 +00:00
.clang-format
.gitignore Add generated documentation to .gitignore 2015-01-26 18:37:55 +00:00
BUILDING Suggest building at Android API level 16. 2015-06-18 17:32:29 -07:00
CMakeLists.txt Allow compilation for armv6 2015-06-02 18:16:13 +00:00
codereview.settings Add a codereview.settings file. 2014-11-18 22:21:33 +00:00
LICENSE Note that some files carry in Intel license. 2015-07-28 00:55:32 +00:00
STYLE Require that FOO_free functions do nothing on NULL. 2015-05-04 22:58:13 +00:00