update is set

Sashan Thu, 11 Jul 2024 12:51:11 -0700

  Branch: refs/heads/openssl-3.2
  Home:   https://github.com/openssl/openssl
  Commit: 8120fb0434f3df9389e76adee030616bc7cf0633
      
https://github.com/openssl/openssl/commit/8120fb0434f3df9389e76adee030616bc7cf0633
  Author: sashan <anedvedi...@gmail.com>
  Date:   2024-07-11 (Thu, 11 Jul 2024)


  Changed paths:
    M crypto/evp/digest.c
    M test/evp_extra_test.c

  Log Message:
  -----------
  EVP_DigestUpdate(): Check if ctx->update is set

The issue has been discovered by libFuzzer running on provider target.
There are currently three distinct reports which are addressed by
code change here.

    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69236#c1
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69243#c1
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69261#c1

the issue has been introduced with openssl 3.0.

Reviewed-by: Neil Horman <nhor...@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlin...@hotmail.de>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24753)

(cherry picked from commit ad33d62396b7e9db04fdf060481ced394d391688)



To unsubscribe from these emails, change your notification settings at 
https://github.com/openssl/openssl/settings/notifications

[openssl/openssl] 8120fb: EVP_DigestUpdate(): Check if ctx->update is set

Reply via email to