openssl/CVE-2021-3712-0002-Fix-EC_GROUP_new_from_ecparameters-to-check-the-base.patch

From 94d23fcff9b2a7a8368dfe52214d5c2569882c11 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Thu, 19 Aug 2021 12:24:17 +0100
Subject: [PATCH] Fix EC_GROUP_new_from_ecparameters to check the base length

Check that there's at least one byte in params->base before trying to
read it.

CVE-2021-3712

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>

Reference: https://github.com/openssl/openssl/commit/94d23fcff9b2a7a8368dfe52214d5c2569882c11
Conflict: NA
---
 crypto/ec/ec_asn1.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 7b7c75ce84..e497a25909 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -761,7 +761,10 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
         ret->seed_len = params->curve->seed->length;
     }
 
-    if (!params->order || !params->base || !params->base->data) {
+    if (params->order == NULL
+            || params->base == NULL
+            || params->base->data == NULL
+            || params->base->length == 0) {
         ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
         goto err;
     }
-- 
2.23.0
fix the CVE-2021-3711 and CVE-2021-3712 2021-08-30 19:42:00 +08:00			`From 94d23fcff9b2a7a8368dfe52214d5c2569882c11 Mon Sep 17 00:00:00 2001`
			`From: Matt Caswell <matt@openssl.org>`
			`Date: Thu, 19 Aug 2021 12:24:17 +0100`
			`Subject: [PATCH] Fix EC_GROUP_new_from_ecparameters to check the base length`

			`Check that there's at least one byte in params->base before trying to`
			`read it.`

			`CVE-2021-3712`

			`Reviewed-by: Viktor Dukhovni <viktor@openssl.org>`
			`Reviewed-by: Paul Dale <pauli@openssl.org>`

			`Reference: https://github.com/openssl/openssl/commit/94d23fcff9b2a7a8368dfe52214d5c2569882c11`
			`Conflict: NA`
			`---`
			`crypto/ec/ec_asn1.c \| 5 ++++-`
			`1 file changed, 4 insertions(+), 1 deletion(-)`

			`diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c`
			`index 7b7c75ce84..e497a25909 100644`
			`--- a/crypto/ec/ec_asn1.c`
			`+++ b/crypto/ec/ec_asn1.c`
			`@@ -761,7 +761,10 @@ EC_GROUP EC_GROUP_new_from_ecparameters(const ECPARAMETERS params)`
			`ret->seed_len = params->curve->seed->length;`
			`}`

			`- if (!params->order \|\| !params->base \|\| !params->base->data) {`
			`+ if (params->order == NULL`
			`+ \|\| params->base == NULL`
			`+ \|\| params->base->data == NULL`
			`+ \|\| params->base->length == 0) {`
			`ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);`
			`goto err;`
			`}`
			`--`
			`2.23.0`