gcry_mpi_invm succeeds if the inverse does not exist
Guido Vranken
guidovranken at gmail.com
Thu Sep 3 14:19:22 CEST 2020
The following inputs to gcry_mpi_invm():
36fb5bdb5daa9864113ad8a49a41722fc7003a40b02a13daca6997859c2d8534192ff6c02447
25c88352cfa171fc728503df037c355a6d5588b22e3510b08f10848ad7c0980b400
produce the number:
66CAF1A9A03478A288760C2E05E237F11432BA70BECEE56D942ACCD337470E5D77
But this is incorrect (another library reports the modular inverse does not
exist).
----------
The following inputs to gcry_mpi_invm():
12cf3a8ca3d97bea2f080362600cee355
1c3fddf62aee0be2f6dc2ef8471f1be2e
produce the number:
60A6520F494E6EE6EE436283FB34B945
but it should produce:
1339462644931fd624528ea6b3fb1f985
On Mon, Jun 1, 2020 at 9:39 AM NIIBE Yutaka <gniibe at fsij.org> wrote:
> Jussi Kivilinna <jussi.kivilinna at iki.fi> wrote:
> > Cryptofuzz is reporting another heap-buffer-overflow issue in
> > _gcry_mpi_invm. I've attached reproducer, original from Guido and
> > as patch applied to tests/basic.c.
>
> My fix of 69b55f87053ce2494cd4b38dc600f867bc4355be was not enough.
> I just pushed another change:
>
> 6f8b1d4cb798375e6d830fd6b73c71da93ee5f3f
>
> Thank you for your report.
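An independent check of the kind the report relies on, as an added example that is not part of the original message or of libgcrypt: it tests whether an inverse exists at all (gcd(a, n) = 1) and whether a returned number x satisfies a*x mod n = 1. The function names are hypothetical, and the sketch assumes the first value in each report is the number to invert and the second is the modulus, which the message does not state.

```python
"""Oracle for modular-inverse results (added example, not libgcrypt code)."""
from math import gcd


def classify_invm(a_hex, n_hex, got_hex):
    """Classify a claimed x = a^-1 mod n, all values given as hex strings.

    "no-inverse": gcd(a, n) != 1, so no valid result exists
    "ok":         0 <= x < n and a*x mod n == 1
    "wrong":      an inverse exists but x is not the reduced inverse
    """
    a, n, x = (int(h, 16) for h in (a_hex, n_hex, got_hex))
    if n < 2:
        raise ValueError("modulus must be at least 2")
    if gcd(a, n) != 1:
        return "no-inverse"
    if 0 <= x < n and (a * x) % n == 1:
        return "ok"
    return "wrong"


def reference_invm(a_hex, n_hex):
    """Return the inverse as lowercase hex, or None when none exists."""
    a, n = int(a_hex, 16), int(n_hex, 16)
    if n < 2 or gcd(a, n) != 1:
        return None
    return format(pow(a, -1, n), "x")  # needs Python 3.8+


# Values copied from the report above. Assumed order: (value, modulus,
# number returned by gcry_mpi_invm).
REPORTS = [
    ("36fb5bdb5daa9864113ad8a49a41722fc7003a40b02a13daca6997859c2d8534192ff6c02447",
     "25c88352cfa171fc728503df037c355a6d5588b22e3510b08f10848ad7c0980b400",
     "66CAF1A9A03478A288760C2E05E237F11432BA70BECEE56D942ACCD337470E5D77"),
    ("12cf3a8ca3d97bea2f080362600cee355",
     "1c3fddf62aee0be2f6dc2ef8471f1be2e",
     "60A6520F494E6EE6EE436283FB34B945"),
]

if __name__ == "__main__":
    for a_hex, n_hex, got_hex in REPORTS:
        verdict = classify_invm(a_hex, n_hex, got_hex)
        print(verdict, "reference:", reference_invm(a_hex, n_hex))
```

The same two checks work as a fuzzing oracle or as a caller-side guard: reject any result when the gcd is not 1, and multiply back before trusting a returned inverse.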