mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 13:13:44 +01:00
a7ca71cf6b
This function -- a mock replacement used only for fuzzing -- would have a buffer overflow if it got an RSA key whose modulus was under 20 bytes long. Fortunately, Tor itself does not appear to have a bug here. Fixes bug 24247; bugfix on 0.3.0.3-alpha when fuzzing was introduced. Found by OSS-Fuzz; this is OSS-Fuzz issue 4177.
7 lines
361 B
Plaintext
7 lines
361 B
Plaintext
o Minor bugfixes (fuzzing):
|
|
- Fix a bug in our fuzzing mock replacement for crypto_pk_checksig(), to
|
|
correctly handle cases where a caller gives it an RSA key of under 160
|
|
bits. (This is not actually a bug in Tor itself, but wrather in our
|
|
fuzzing code.) Fixes bug 24247; bugfix on 0.3.0.3-alpha.
|
|
Found by OSS-Fuzz as issue 4177.
|