]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 14bed67)
fuzz/decoder.c: Limit the EVP_PKEY_param_check on DHX keys as well
authorTomas Mraz <tomas@openssl.org>
Fri, 12 Apr 2024 13:37:58 +0000 (15:37 +0200)
committerTomas Mraz <tomas@openssl.org>
Wed, 17 Apr 2024 07:30:11 +0000 (09:30 +0200)
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24126)

fuzz/decoder.c patch | blob | blame | history

diff --git a/fuzz/decoder.c b/fuzz/decoder.c
index c7b6d02f73722cd8ba56259eac24df71440d0c79..4888c5cd40e46ba5972665aee6a744c40685722b 100644 (file)
--- a/fuzz/decoder.c
+++ b/fuzz/decoder.c
@@ -68,7 +68,8 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
          * Param check will take too long time on large DH parameters.
          * Skip it.
          */
-        if (!EVP_PKEY_is_a(pkey, "DH") || EVP_PKEY_get_bits(pkey) <= 8192)
+        if ((!EVP_PKEY_is_a(pkey, "DH") && !EVP_PKEY_is_a(pkey, "DHX"))
+            || EVP_PKEY_get_bits(pkey) <= 8192)
             EVP_PKEY_param_check(ctx);
 
         EVP_PKEY_public_check(ctx);
Mirror of https://github.com/openssl/openssl.git