CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2024/01/01 11:33:04
Modified files:
lib/libcrypto/evp: pmeth_gn.c
Log message:
Fix bounds check in EVP_PKEY_CTX_get_keygen_info()
Replace > with >= for the upper array bound to disallow a 4 byte
overread. For RSA you can read the padding mode and for DH past
the DH_PKEY_CTX. Unfortunately, Ruby thought it important to use
this, so we can't kill it easily.
ok miod
