kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
337 Commits 12 Branches 0 Tags 38 MiB
C 43.1%
C++ 23.5%
Go 13.6%
Raku 10.8%
Perl 4%
Other 4.9%
bf681a40d6
Go to file
David Benjamin bf681a40d6 Fix out-of-bounds read in BN_mod_exp_mont_consttime. 
bn_get_bits5 always reads two bytes, even when it doesn't need to. For some
sizes of |p|, this can result in reading just past the edge of the array.
Unroll the first iteration of the loop and avoid reading out of bounds.

Replace bn_get_bits5 altogether in C as it's not doing anything interesting.

Change-Id: Ibcc8cea7d9c644a2639445396455da47fe869a5c
Reviewed-on: https://boringssl-review.googlesource.com/1393
Reviewed-by: Adam Langley <agl@google.com>
2014-08-06 00:11:47 +00:00
crypto Fix out-of-bounds read in BN_mod_exp_mont_consttime. 2014-08-06 00:11:47 +00:00
doc Inital import. 2014-06-20 13:17:32 -07:00
include/openssl Fix BIO_printf crash on Mac. 2014-08-04 21:11:21 +00:00
ssl Test state machine asynchronous behavior. 2014-08-05 20:41:58 +00:00
tool Add stitched RC4-MD5 as an AEAD. 2014-06-30 23:01:17 +00:00
util Add AES Key Wrap mode. 2014-07-28 21:32:39 +00:00
.clang-format Inital import. 2014-06-20 13:17:32 -07:00
.gitignore Inital import. 2014-06-20 13:17:32 -07:00
BUILDING Add visibility rules. 2014-07-31 22:03:11 +00:00
CMakeLists.txt Add visibility rules. 2014-07-31 22:03:11 +00:00