File openssl-dsa_paramgen2_check.patch of Package openssl-1_1.9178

Index: openssl-1.1.0i/crypto/dsa/dsa_gen.c
===================================================================
--- openssl-1.1.0i.orig/crypto/dsa/dsa_gen.c	2018-10-18 15:11:05.971573703 +0200
+++ openssl-1.1.0i/crypto/dsa/dsa_gen.c	2018-10-18 15:12:56.288274123 +0200
@@ -357,6 +357,12 @@ int dsa_builtin_paramgen2(DSA *ret, size
     }
 # endif
 
+    /* make sure L > N, otherwise we'll get stuck in an infinite loop */
+    if (L <= N) {
+        DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_KEY_SIZE_INVALID);
+        goto err;
+    }
+
     if (evpmd == NULL) {
         if (N == 160)
             evpmd = EVP_sha1();
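Review bot: The comment above the new `if (L <= N)` guard says the code would loop forever but not why, and it does not say which loop is meant. I would spell it out, e.g. `/* L and N are the bit lengths of p and q; q must divide p - 1, so L <= N leaves no valid p and the prime search below never finishes */`. Because both sizes are passed in by the caller, this is an availability check, and it deserves a regression test asserting that parameter generation fails for L == N and for L < N. The function body starts and ends outside the hunk, so I could not confirm that `ok` still holds its failure value when `goto err` is taken here; please verify that the caller sees an error return rather than success.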