gcry_mpi_invm succeeds if the inverse does not exist
NIIBE Yutaka
gniibe at fsij.org
Mon Jun 1 09:39:30 CEST 2020
Jussi Kivilinna <jussi.kivilinna at iki.fi> wrote:
> Cryptofuzz is reporting another heap-buffer-overflow issue in
> _gcry_mpi_invm. I've attached reproducer, original from Guido and
> as patch applied to tests/basic.c.
My fix of 69b55f87053ce2494cd4b38dc600f867bc4355be was not enough.
I just push another change:
6f8b1d4cb798375e6d830fd6b73c71da93ee5f3f
Thank you for your report.
--
More information about the Gcrypt-devel
mailing list