Avoid an out-of-bounds access in BN_rand() - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2020-09-12 15:24:39 +0000
committer	tb <>	2020-09-12 15:24:39 +0000
commit	724fa19847a977c5790a4e1d0b2e4fe6d95646fa (patch)
tree	5a549ecb20fabf7acfb6c6d959ea80a0dd05abd8 /src/lib/libssl/ssl_ciphers.c
parent	d7dfc10134411f17602aa3f2d5224ccb44f6701c (diff)
download	openbsd-724fa19847a977c5790a4e1d0b2e4fe6d95646fa.tar.gz openbsd-724fa19847a977c5790a4e1d0b2e4fe6d95646fa.tar.bz2 openbsd-724fa19847a977c5790a4e1d0b2e4fe6d95646fa.zip

Avoid an out-of-bounds access in BN_rand()

If BN_rand() is called with top > 0 and bits == 1, it would allocate a buf[] of size 1 and set the top bit of buf[1]. Found in OpenSSL commit efee575ad464bfb60bf72dcb73f9b51768f4b1a1 while looking for something else. ok beck djm inoguchi

Diffstat (limited to 'src/lib/libssl/ssl_ciphers.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: