c_cpp/libcryptopp
SHA256
8
0
Fork 0
forked from pool/libcryptopp
Code Pull Requests Activity
Files
main
libcryptopp/libcryptopp-CVE-2023-50981.patch
Dave Plater f808371d50 Accepting request 1136759 from home:pgajdos 
- security update
- added patches
  fix CVE-2023-50981 [bsc#1218222], issue on ModularSquareRoot function leads to potential DoS
  https://github.com/weidai11/cryptopp/pull/1255
  + libcryptopp-CVE-2023-50981.patch

OBS-URL: https://build.opensuse.org/request/show/1136759
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libcryptopp?expand=0&rev=79
2024-01-04 13:13:04 +00:00

15 lines
479 B
Diff
Raw Permalink Blame History

Index: cryptopp-CRYPTOPP_8_9_0/nbtheory.cpp
===================================================================
--- cryptopp-CRYPTOPP_8_9_0.orig/nbtheory.cpp
+++ cryptopp-CRYPTOPP_8_9_0/nbtheory.cpp
@@ -543,6 +543,9 @@ Integer CRT(const Integer &xp, const Int
Integer ModularSquareRoot(const Integer &a, const Integer &p)
{
+ if (!IsPrime(p))
+ throw InvalidArgument("ModularSquareRoot: p must be a prime");
+
if (p%4 == 3)
return a_exp_b_mod_c(a, (p+1)/4, p);
View Git Blame Copy Permalink