[PATCH] * Avoid potential out-of-bounds read, due to incorrect checking.
Joshua Rogers
git at internot.info
Sun Dec 28 06:59:51 CET 2014
* mpi/mpiutil.c (_gcry_mpi_const): Check 'no' against =>
MPI_NUMBER_OF_CONSTANTS to avoid a potential out-of-bounds read
--
Signed-off-by: Joshua Rogers <git at internot.info>
---
mpi/mpiutil.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c
index f74dd91..0a833d2 100644
--- a/mpi/mpiutil.c
+++ b/mpi/mpiutil.c
@@ -690,7 +690,7 @@ _gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag)
gcry_mpi_t
_gcry_mpi_const (enum gcry_mpi_constants no)
{
- if ((int)no < 0 || no > MPI_NUMBER_OF_CONSTANTS)
+ if ((int)no < 0 || no >= MPI_NUMBER_OF_CONSTANTS)
log_bug("invalid mpi_const selector %d\n", no);
if (!constants[no])
log_bug("MPI subsystem not initialized\n");
--
1.9.1
More information about the Gcrypt-devel
mailing list