Commit 4a23b12a authored by Dr. Stephen Henson's avatar Dr. Stephen Henson Committed by Matt Caswell
Browse files

Fix SRP buffer overrun vulnerability. 

Invalid parameters passed to the SRP code can be overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.

Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
parent 80bd7b41

crypto/srp/srp_lib.c

+6 −0
Original line number Diff line number Diff line
@@ -89,6 +89,9 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g) 
	int longg ;

	int longN = BN_num_bytes(N);



	if (BN_ucmp(g, N) >= 0)

		return NULL;



	if ((tmp = OPENSSL_malloc(longN)) == NULL)

		return NULL;

	BN_bn2bin(N,tmp) ;
@@ -121,6 +124,9 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) 
	if ((A == NULL) ||(B == NULL) || (N == NULL))

		return NULL;



	if (BN_ucmp(A, N) >= 0 || BN_ucmp(B, N) >= 0)

		return NULL;



	longN= BN_num_bytes(N);



	if ((cAB = OPENSSL_malloc(2*longN)) == NULL)