Revision - c6eb1cb - Fix off-by-one in BN_rand – ENEA Mirror of the Software Heritage archive

Revision c6eb1cbd1e2afbf0e0e9170cb9b5df1ff25bfd14 authored by Matt Caswell on 19 May 2015, 15:03:02 UTC, committed by Matt Caswell on 22 May 2015, 22:43:07 UTC

Fix off-by-one in BN_rand

If BN_rand is called with |bits| set to 1 and |top| set to 1 then a 1 byte
buffer overflow can occur. There are no such instances within the OpenSSL at
the moment.

Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke, Filip Palian for
discovering and reporting this issue.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

1 parent 1a9499c

Files
Changes

Permalinks

openssl.doxy

PROJECT_NAME=OpenSSL
GENERATE_LATEX=no
OUTPUT_DIRECTORY=doxygen
INPUT=ssl include
FILE_PATTERNS=*.c *.h
RECURSIVE=yes
PREDEFINED=DOXYGEN

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...