CVSROOT:        /cvs
Module name:    src
Changes by:    2024/01/01 11:33:04

Modified files:
        lib/libcrypto/evp: pmeth_gn.c 

Log message:
Fix bounds check in EVP_PKEY_CTX_get_keygen_info()

Replace > with >= for the upper array bound to disallow a 4 byte
overread. For RSA you can read the padding mode and for DH past
the DH_PKEY_CTX. Unfortunately, Ruby thought it important to use
this, so we can't kill it easily.

ok miod

Reply via email to