From 9083ef933c7f44d6ee3cd1b7ca91135fdada8e31 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Mon, 5 Mar 2018 10:15:53 -0800 Subject: external/boringssl: cherry-pick crash fix This change cherry-picks the following change from upstream: commit 61dedd681501616de5928fe5c0eac6640d4de0c1 Author: Adam Langley Date: Wed Feb 7 14:59:44 2018 -0800 Don't crash when failing to set affine coordinates when the generator is missing. If a caller is in the process on constructing an arbitrary |EC_GROUP|, and they try to create an |EC_POINT| to set as the generator which is invalid, we would previously crash. Change-Id: Ida91354257a02bd56ac29ba3104c9782b8d70f6b Reviewed-on: https://boringssl-review.googlesource.com/25764 Commit-Queue: David Benjamin Reviewed-by: David Benjamin CQ-Verified: CQ bot account: commit-bot@chromium.org Change-Id: I27fc13f2bb2538b7f9621d94438653e58ee79e7b Test: has been running internally for several weeks without issue. --- src/crypto/fipsmodule/ec/ec.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/crypto/fipsmodule/ec/ec.c b/src/crypto/fipsmodule/ec/ec.c index 616df162..e45a7e34 100644 --- a/src/crypto/fipsmodule/ec/ec.c +++ b/src/crypto/fipsmodule/ec/ec.c @@ -768,7 +768,13 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, if (!EC_POINT_is_on_curve(group, point, ctx)) { // In the event of an error, defend against the caller not checking the // return value by setting a known safe value: the base point. - EC_POINT_copy(point, EC_GROUP_get0_generator(group)); + const EC_POINT *generator = EC_GROUP_get0_generator(group); + // The generator can be missing if the caller is in the process of + // constructing an arbitrary group. In this, we give up and hope they're + // checking the return value. + if (generator) { + EC_POINT_copy(point, generator); + } OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE); return 0; } -- cgit v1.2.3