Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: 545070568391b4a44a8a8a65d30579f8e75abeef
https://github.com/openssl/openssl/commit/545070568391b4a44a8a8a65d30579f8e75abeef
Author: sashan <[email protected]>
Date: 2024-07-11 (Thu, 11 Jul 2024)
Changed paths:
M crypto/evp/digest.c
M test/evp_extra_test.c
Log Message:
-----------
EVP_DigestUpdate(): Check if ctx->update is set
The issue has been discovered by libFuzzer running on provider target.
There are currently three distinct reports which are addressed by
code change here.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69236#c1
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69243#c1
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69261#c1
the issue has been introduced with openssl 3.0.
Reviewed-by: Neil Horman <[email protected]>
Reviewed-by: Bernd Edlinger <[email protected]>
Reviewed-by: Tomas Mraz <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/24753)
(cherry picked from commit ad33d62396b7e9db04fdf060481ced394d391688)
To unsubscribe from these emails, change your notification settings at
https://github.com/openssl/openssl/settings/notifications
