Commit 966fe81f authored by Dr. Stephen Henson's avatar Dr. Stephen Henson Committed by Matt Caswell
Browse files

Fix SRP buffer overrun vulnerability. 



Invalid parameters passed to the SRP code can be overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.

Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
Reviewed-by: default avatarKurt Roeckx <kurt@openssl.org>
parent 83764a98

crypto/srp/srp_lib.c

+6 −0
Original line number Diff line number Diff line
@@ -89,6 +89,9 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g) 
	int longg ;

	int longN = BN_num_bytes(N);



	if (BN_ucmp(g, N) >= 0)

		return NULL;



	if ((tmp = OPENSSL_malloc(longN)) == NULL)

		return NULL;

	BN_bn2bin(N,tmp) ;
@@ -121,6 +124,9 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) 
	if ((A == NULL) ||(B == NULL) || (N == NULL))

		return NULL;



	if (BN_ucmp(A, N) >= 0 || BN_ucmp(B, N) >= 0)

		return NULL;



	longN= BN_num_bytes(N);



	if ((cAB = OPENSSL_malloc(2*longN)) == NULL)