granicus.if.org Git - openssl/commit

author	Nicola Tuveri <nic.tuv@gmail.com>
	Thu, 6 Sep 2018 21:44:36 +0000 (00:44 +0300)
committer	Nicola Tuveri <nic.tuv@gmail.com>
	Tue, 2 Oct 2018 10:46:02 +0000 (13:46 +0300)
commit	fff1da43be2236995cdf5ef2f3e2a51be232ba85
tree	e037fa3427ca0e2ef7fc67922dea67e10dc6b7d8	tree \| snapshot
parent	788d2fa0cf38420fd729b336bdb88d5a6e9d68ac	commit \| diff

Access `group->mont_data` conditionally in EC_GROUP_set_generator()

It appears that, in FIPS mode, `ec_precompute_mont_data()` always failed
but the error was ignored until commit e3ab8cc from #6810.

The actual problem lies in the fact that access to the `mont_data` field
of an `EC_GROUP` struct should always be guarded by an
`EC_GROUP_VERSION(group)` check to avoid OOB accesses, because `group`
might come from the FIPS module, which does not define the `mont_data`
field inside the EC_GROUP structure.

This commit adds the required check before any access to
`group->mont_data` in `EC_GROUP_set_generator()`.

Fixes #7127

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7135)

CHANGES		diff \| blob \| history
crypto/ec/ec_lcl.h		diff \| blob \| history
crypto/ec/ec_lib.c		diff \| blob \| history