diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2020-09-12 15:24:40 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2020-09-12 15:24:40 +0000 |
| commit | 1a20717131170bd4a43df67e9dbe018c3fc7e86e (patch) | |
| tree | c56a99dcbc0d14ec86df5cfabfd26625b0983493 /lib/libcrypto/bn/bn_rand.c | |
| parent | 828fe2d709904751e8f69cec466d1f056e5ed63c (diff) | |
Avoid an out-of-bounds access in BN_rand()
If BN_rand() is called with top > 0 and bits == 1, it would allocate
a buf[] of size 1 and set the top bit of buf[1].
Found in OpenSSL commit efee575ad464bfb60bf72dcb73f9b51768f4b1a1 while
looking for something else.
ok beck djm inoguchi
Diffstat (limited to 'lib/libcrypto/bn/bn_rand.c')
| -rw-r--r-- | lib/libcrypto/bn/bn_rand.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/lib/libcrypto/bn/bn_rand.c b/lib/libcrypto/bn/bn_rand.c index df798f41bc4..4626960a0dd 100644 --- a/lib/libcrypto/bn/bn_rand.c +++ b/lib/libcrypto/bn/bn_rand.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_rand.c,v 1.22 2018/11/06 06:49:45 tb Exp $ */ +/* $OpenBSD: bn_rand.c,v 1.23 2020/09/12 15:24:39 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -129,6 +129,11 @@ bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) return (0); } + if (bits < 0 || (bits == 1 && top > 0)) { + BNerror(BN_R_BITS_TOO_SMALL); + return (0); + } + if (bits == 0) { BN_zero(rnd); return (1); @@ -166,8 +171,8 @@ bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) } #endif - if (top != -1) { - if (top) { + if (top >= 0) { + if (top > 0) { if (bit == 0) { buf[0] = 1; buf[1] |= 0x80; |