Fix two invalid memory reads in RSA OAEP mode. Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com> Reviewed by: steve

commit: 94fd382f8b4abdc3e65e5be584b76c2b37017d7a [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Mon May 19 21:33:55 2008 +0000
committer: Dr. Stephen Henson <steve@openssl.org> Mon May 19 21:33:55 2008 +0000
tree: 53e8a78208541e7dfad6e21d7859b367c3122c05
parent: 4bd4afa34e4c67279edee29c93b03bd7ed144d88 [diff] [blame]
diff --git a/CHANGES b/CHANGES
index 2f26937..b2b8202 100644
--- a/CHANGES
+++ b/CHANGES

@@ -685,6 +685,14 @@
      [NTT]
 
  Changes between 0.9.8g and 0.9.8h  [xx XXX xxxx]
+
+  *) RSA OAEP patches to fix two separate invalid memory reads.
+     The first one involves inputs when 'lzero' is greater than
+     'SHA_DIGEST_LENGTH' (it would read about SHA_DIGEST_LENGTH bytes
+     before the beginning of from). The second one involves inputs where
+     the 'db' section contains nothing but zeroes (there is a one-byte
+     invalid read after the end of 'db').
+     [Ivan Nesterlode <inestlerode@us.ibm.com>]
   
   *) Add TLS session ticket callback. This allows an application to set
      TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed
commit	94fd382f8b4abdc3e65e5be584b76c2b37017d7a	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Mon May 19 21:33:55 2008 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	Mon May 19 21:33:55 2008 +0000
tree	53e8a78208541e7dfad6e21d7859b367c3122c05
parent	4bd4afa34e4c67279edee29c93b03bd7ed144d88 [diff] [blame]