generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

bn/bn_gf2m.c: avoid infinite loop wich malformed ECParamters.

Browse Source 
CVE-2015-1788

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 4924b37ee0)
This commit is contained in:
Andy Polyakov 2015-06-11 00:18:01 +02:00 committed by Matt Caswell
parent 1f31458a77
commit f61bbf8da5
1 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
crypto/bn/bn_gf2m.c
View File

@ -694,9 +694,10 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
}
# else
{
int i, ubits = BN_num_bits(u), vbits = BN_num_bits(v), /* v is copy
* of p */
top = p->top;
int i;
int ubits = BN_num_bits(u);
int vbits = BN_num_bits(v); /* v is copy of p */
int top = p->top;
BN_ULONG *udp, *bdp, *vdp, *cdp;
bn_wexpand(u, top);
@ -740,8 +741,12 @@ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
ubits--;
}
if (ubits <= BN_BITS2 && udp[0] == 1)
break;
if (ubits <= BN_BITS2) {
if (udp[0] == 0) /* poly was reducible */
goto err;
if (udp[0] == 1)
break;
}
if (ubits < vbits) {
i = ubits;