projects
/
oweals
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
e95f5e0
)
Avoid overflow in MDC2_Update()
author
Dr. Stephen Henson
<steve@openssl.org>
Fri, 19 Aug 2016 22:28:29 +0000
(23:28 +0100)
committer
Matt Caswell
<matt@openssl.org>
Wed, 24 Aug 2016 13:24:53 +0000
(14:24 +0100)
Thanks to Shi Lei for reporting this issue.
CVE-2016-6303
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit
55d83bf7c10c7b205fffa23fa7c3977491e56c07
)
crypto/mdc2/mdc2dgst.c
patch
|
blob
|
history
diff --git
a/crypto/mdc2/mdc2dgst.c
b/crypto/mdc2/mdc2dgst.c
index 6615cf84d7d2a2f5607f810f41820db6bc745172..2dce4936337a03a4b6e06fbeb1fb4a8775ed7d9c 100644
(file)
--- a/
crypto/mdc2/mdc2dgst.c
+++ b/
crypto/mdc2/mdc2dgst.c
@@
-91,7
+91,7
@@
int MDC2_Update(MDC2_CTX *c, const unsigned char *in, size_t len)
i = c->num;
if (i != 0) {
- if (
i + len < MDC2_BLOCK
) {
+ if (
len < MDC2_BLOCK - i
) {
/* partial block */
memcpy(&(c->data[i]), in, len);
c->num += (int)len;