nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-03-22 14:39:24 -05:00
Code Issues Projects Releases Wiki Activity

Fix an assertion failure when loading Ed25519 keys.

Browse Source 
"amax == 0 || a[amax] != 0"

Essentially, when decodepoint_ed() clears the top bit of the key, it
needs to call bn_restore_invariant() in case that left the high-order
word zero.

Bug found with the help of afl-fuzz.
This commit is contained in:
Ben Harris 2015-10-12 23:43:49 +01:00
parent b94a076955
commit 0629f1dfa5
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sshecc.c
View File

@ -1648,6 +1648,7 @@ static int decodepoint_ed(const char *p, int length, struct ec_point *point)
/* Read x bit and then reset it */ /* Read x bit and then reset it */
negative = bignum_bit(point->y, point->curve->fieldBits - 1); negative = bignum_bit(point->y, point->curve->fieldBits - 1);
bignum_set_bit(point->y, point->curve->fieldBits - 1, 0); bignum_set_bit(point->y, point->curve->fieldBits - 1, 0);
bn_restore_invariant(point->y);
/* Get the x from the y */ /* Get the x from the y */
point->x = ecp_edx(point->curve, point->y); point->x = ecp_edx(point->curve, point->y);