Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: ad33d62396b7e9db04fdf060481ced394d391688
https://github.com/openssl/openssl/commit/ad33d62396b7e9db04fdf060481ced394d391688
Author: sashan <anedvedi...@gmail.com>
Date: 2024-07-11 (Thu, 11 Jul 2024)
Changed paths:
M crypto/evp/digest.c
M test/evp_extra_test.c
Log Message:
-----------
EVP_DigestUpdate(): Check if ctx->update is set
The issue has been discovered by libFuzzer running on provider target.
There are currently three distinct reports which are addressed by
code change here.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69236#c1
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69243#c1
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69261#c1
the issue has been introduced with openssl 3.0.
Reviewed-by: Neil Horman <nhor...@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlin...@hotmail.de>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24753)
To unsubscribe from these emails, change your notification settings at
https://github.com/openssl/openssl/settings/notifications
