]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 939dd47) | patch
EVP_DigestUpdate(): Check if ctx->update is set
authorsashan <anedvedicky@gmail.com>
Thu, 27 Jun 2024 14:31:41 +0000 (16:31 +0200)
committerTomas Mraz <tomas@openssl.org>
Thu, 11 Jul 2024 19:48:56 +0000 (21:48 +0200)
commitad33d62396b7e9db04fdf060481ced394d391688
tree5ee41ee7df5f674d9efbe0cb2ecc01fdae1ca736tree
parent939dd479ac2c819da6cee21d00a21bfdb28d6eb2commit | diff
EVP_DigestUpdate(): Check if ctx->update is set

The issue has been discovered by libFuzzer running on provider target.
There are currently three distinct reports which are addressed by
code change here.

    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69236#c1
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69243#c1
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69261#c1

the issue has been introduced with openssl 3.0.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24753)
crypto/evp/digest.c diff | blob | blame | history
test/evp_extra_test.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git