File 0009-Fix-EC_GROUP_new_from_ecparameters-to-check-the-base.patch of Package mingw64-openssl

From b7b38f7152895fb319146b7d7ff6b4b44e1dd4ac Mon Sep 17 00:00:00 2001
From: Ralf Habacker <ralf.habacker@freenet.de>
Date: Thu, 19 Feb 2026 14:38:07 +0100
Subject: [PATCH 09/11] Fix EC_GROUP_new_from_ecparameters to check the base
 length

Check that there's at least one byte in params->base before trying to
read it.

CVE-2021-3712

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(cherry picked from commit 94d23fcff9b2a7a8368dfe52214d5c2569882c11)
---
 crypto/ec/ec_asn1.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 30b3ebfbe0..26afb1014d 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -867,7 +867,10 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
         ret->seed_len = params->curve->seed->length;
     }
 
-    if (!params->order || !params->base || !params->base->data) {
+    if (params->order == NULL
+            || params->base == NULL
+            || params->base->data == NULL
+            || params->base->length == 0) {
         ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
         goto err;
     }
-- 
2.53.0