-
Notifications
You must be signed in to change notification settings - Fork 17.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x/crypto/openpgp: ReadMessage(): Panic on invalid input in math/big.nat.div() (division by zero) #11505
Labels
Milestone
Comments
What version of Go? |
go version go1.4.2 linux/amd64 |
CL https://golang.org/cl/12356 mentions this issue. |
benburkert
pushed a commit
to benburkert/openpgp
that referenced
this issue
Feb 29, 2016
parseRSAPrivateKey calls rsa.PrivateKey.Precompute which triggers divide-by-zero panic if either p or q is 1. Sanity check the parsed values by calling rsa.PrivateKey.Validate. Fixes golang/go#11505 Change-Id: Ia6c9eccca0cfa49aaa58716e708c557a788bb204 Reviewed-on: https://go-review.googlesource.com/12356 Reviewed-by: Adam Langley <agl@golang.org>
c-expert-zigbee
pushed a commit
to c-expert-zigbee/crypto_go
that referenced
this issue
Mar 28, 2022
parseRSAPrivateKey calls rsa.PrivateKey.Precompute which triggers divide-by-zero panic if either p or q is 1. Sanity check the parsed values by calling rsa.PrivateKey.Validate. Fixes golang/go#11505 Change-Id: Ia6c9eccca0cfa49aaa58716e708c557a788bb204 Reviewed-on: https://go-review.googlesource.com/12356 Reviewed-by: Adam Langley <agl@golang.org>
c-expert-zigbee
pushed a commit
to c-expert-zigbee/crypto_go
that referenced
this issue
Mar 29, 2022
parseRSAPrivateKey calls rsa.PrivateKey.Precompute which triggers divide-by-zero panic if either p or q is 1. Sanity check the parsed values by calling rsa.PrivateKey.Validate. Fixes golang/go#11505 Change-Id: Ia6c9eccca0cfa49aaa58716e708c557a788bb204 Reviewed-on: https://go-review.googlesource.com/12356 Reviewed-by: Adam Langley <agl@golang.org>
BiiChris
pushed a commit
to BiiChris/crypto
that referenced
this issue
Sep 15, 2023
parseRSAPrivateKey calls rsa.PrivateKey.Precompute which triggers divide-by-zero panic if either p or q is 1. Sanity check the parsed values by calling rsa.PrivateKey.Validate. Fixes golang/go#11505 Change-Id: Ia6c9eccca0cfa49aaa58716e708c557a788bb204 Reviewed-on: https://go-review.googlesource.com/12356 Reviewed-by: Adam Langley <agl@golang.org>
desdeel2d0m
added a commit
to desdeel2d0m/crypto
that referenced
this issue
Jul 1, 2024
parseRSAPrivateKey calls rsa.PrivateKey.Precompute which triggers divide-by-zero panic if either p or q is 1. Sanity check the parsed values by calling rsa.PrivateKey.Validate. Fixes golang/go#11505 Change-Id: Ia6c9eccca0cfa49aaa58716e708c557a788bb204 Reviewed-on: https://go-review.googlesource.com/12356 Reviewed-by: Adam Langley <agl@golang.org>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The following program panics:
with the trace:
Found using gofuzz. You may assign this issue to me.
The text was updated successfully, but these errors were encountered: