File CVE-2021-3711-3-Check-the-plaintext-buffer-is-large-enough-when-decr.patch of Package openssl-1_1
16
1
Index: openssl-1.1.1d/crypto/sm2/sm2_crypt.c
2
===================================================================
3
--- openssl-1.1.1d.orig/crypto/sm2/sm2_crypt.c
4
+++ openssl-1.1.1d/crypto/sm2/sm2_crypt.c
5
6
C2 = sm2_ctext->C2->data;
7
C3 = sm2_ctext->C3->data;
8
msg_len = sm2_ctext->C2->length;
9
+ if (*ptext_len < (size_t)msg_len) {
10
+ SM2err(SM2_F_SM2_DECRYPT, SM2_R_BUFFER_TOO_SMALL);
11
+ goto done;
12
+ }
13
14
ctx = BN_CTX_new();
15
if (ctx == NULL) {
16