)]}'
{
  "commit": "36cf45ef3ba71e44a8be06ee81cb31aa02cb0010",
  "tree": "0ee29a85738c2ad5363c826336e5543accbf41ea",
  "parents": [
    "4b8a8bb75229b64d1c7598d845fdc3c7e7d7eee2"
  ],
  "author": {
    "name": "Matt Caswell",
    "email": "matt@openssl.org",
    "time": "Fri Aug 13 14:14:51 2021 +0100"
  },
  "committer": {
    "name": "Matt Caswell",
    "email": "matt@openssl.org",
    "time": "Tue Aug 24 14:22:07 2021 +0100"
  },
  "message": "Correctly calculate the length of SM2 plaintext given the ciphertext\n\nPreviously the length of the SM2 plaintext could be incorrectly calculated.\nThe plaintext length was calculated by taking the ciphertext length and\ntaking off an \"overhead\" value.\n\nThe overhead value was assumed to have a \"fixed\" element of 10 bytes.\nThis is incorrect since in some circumstances it can be more than 10 bytes.\nAdditionally the overhead included the length of two integers C1x and C1y,\nwhich were assumed to be the same length as the field size (32 bytes for\nthe SM2 curve). However in some cases these integers can have an additional\npadding byte when the msb is set, to disambiguate them from negative\nintegers. Additionally the integers can also be less than 32 bytes in\nlength in some cases.\n\nIf the calculated overhead is incorrect and larger than the actual value\nthis can result in the calculated plaintext length being too small.\nApplications are likely to allocate buffer sizes based on this and therefore\na buffer overrun can occur.\n\nCVE-2021-3711\n\nIssue reported by John Ouyang.\n\nReviewed-by: Paul Dale \u003cpauli@openssl.org\u003e\nReviewed-by: Nicola Tuveri \u003cnic.tuv@gmail.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "105dd4ce704d02849a6eefe87a180ba73ed906c9",
      "old_mode": 33188,
      "old_path": "crypto/sm2/sm2_crypt.c",
      "new_id": "2c7264e42b633f62534ebf4fb11b6e668f84b749",
      "new_mode": 33188,
      "new_path": "crypto/sm2/sm2_crypt.c"
    },
    {
      "type": "modify",
      "old_id": "165c01810f8cc20d73d6d19c92a9fc54554dc948",
      "old_mode": 33188,
      "old_path": "include/crypto/sm2.h",
      "new_id": "9ab6c0b722364b9e8554e2093675300e6a90bbe6",
      "new_mode": 33188,
      "new_path": "include/crypto/sm2.h"
    },
    {
      "type": "modify",
      "old_id": "c9dba32ffb6c741a7c9056ac60e359b390c021ef",
      "old_mode": 33188,
      "old_path": "providers/implementations/asymciphers/sm2_enc.c",
      "new_id": "9577d16e8384153c5cbf934c6c6401185f505562",
      "new_mode": 33188,
      "new_path": "providers/implementations/asymciphers/sm2_enc.c"
    },
    {
      "type": "modify",
      "old_id": "e91a1a489861b4d83a7b0f18004ce69614b34602",
      "old_mode": 33188,
      "old_path": "test/sm2_internal_test.c",
      "new_id": "22d23b6c5c7e42c5288b87405e0c360e18e42f38",
      "new_mode": 33188,
      "new_path": "test/sm2_internal_test.c"
    }
  ]
}