commit | 1b333df59ea2aa650e7c2694c577fe700d98026c | [log] [tgz] |
---|---|---|
author | nagendra modadugu <ngm@google.com> | Thu Sep 08 14:33:34 2016 -0700 |
committer | chrome-bot <chrome-bot@chromium.org> | Mon Sep 12 11:38:04 2016 -0700 |
tree | f1fade5d46c9f4308ad245adf24f63c726f89f88 | |
parent | 13cc7264517483b6b020ee696a0ae73667c65f6b [diff] |
tpm2: have _cpri__TestKeyRSA return failure if p == 0 _cpri__TestKeyRSA attempts to calculate q = N/p if q is not provided by the caller. However, the caller may specifiy a p that equals zero, which results in BN_div() returning error, and a corresponding abort() being executed. This change checks if p is zero, and returns failure as appropriate. This issue discovered by AFL fuzz. BRANCH=none BUG=chrome-os-partner:56825 TEST=fuzz test no longer results in a crash; TCG tests pass Change-Id: I09ff2c62204205efaa4114d146ce4a38be170572 Signed-off-by: nagendra modadugu <ngm@google.com> Reviewed-on: https://chromium-review.googlesource.com/383000 Commit-Ready: Nagendra Modadugu <ngm@google.com> Tested-by: Nagendra Modadugu <ngm@google.com> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-by: Darren Krahn <dkrahn@chromium.org>