Commit 3b5a079d authored by Shane Lontis's avatar Shane Lontis Committed by Bernd Edlinger
Browse files

fixed public range check in ec_GF2m_simple_oct2point 



Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
Reviewed-by: default avatarBernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/8607)

(cherry picked from commit cad8347b)
parent 8f58aa0a

crypto/ec/ec2_oct.c

+5 −4
Original line number Diff line number Diff line
@@ -251,7 +251,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, 
                             BN_CTX *ctx)

{

    point_conversion_form_t form;

    int y_bit;

    int y_bit, m;

    BN_CTX *new_ctx = NULL;

    BIGNUM *x, *y, *yxi;

    size_t field_len, enc_len;
@@ -284,7 +284,8 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, 
        return EC_POINT_set_to_infinity(group, point);

    }



    field_len = (EC_GROUP_get_degree(group) + 7) / 8;

    m = EC_GROUP_get_degree(group);

    field_len = (m + 7) / 8;

    enc_len =

        (form ==

         POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
@@ -309,7 +310,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, 


    if (!BN_bin2bn(buf + 1, field_len, x))

        goto err;

    if (BN_ucmp(x, group->field) >= 0) {

    if (BN_num_bits(x) > m) {

        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);

        goto err;

    }
@@ -321,7 +322,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, 
    } else {

        if (!BN_bin2bn(buf + 1 + field_len, field_len, y))

            goto err;

        if (BN_ucmp(y, group->field) >= 0) {

        if (BN_num_bits(y) > m) {

            ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);

            goto err;

        }