]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 3a34273) | patch
[release-branch.go1.17] math/big: prevent overflow in (*Rat).SetString
authorKatie Hockman <katie@golang.org>
Wed, 19 Jan 2022 21:54:41 +0000 (16:54 -0500)
committerKatie Hockman <katie@golang.org>
Fri, 28 Jan 2022 15:39:12 +0000 (15:39 +0000)
commit539d430efb5043cc6a2d4d4fcd2866b11717039a
tree385bc8b5e6b1a73c86562c84736958c88dff9020tree
parent3a34273b8a93bb2eb413fe63d8ff2d346a434dbdcommit | diff
[release-branch.go1.17] math/big: prevent overflow in (*Rat).SetString

Credit to rsc@ for the original patch.

Thanks to the OSS-Fuzz project for discovering this
issue and to Emmanuel Odeke (@odeke_et) for reporting it.

Updates #50699
Fixes #50701
Fixes CVE-2022-23772

Change-Id: I590395a3d55689625390cf1e58f5f40623b26ee5
Reviewed-on: https://go-review.googlesource.com/c/go/+/379537
Trust: Katie Hockman <katie@golang.org>
Run-TryBot: Katie Hockman <katie@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Julie Qiu <julie@golang.org>
(cherry picked from commit ad345c265916bbf6c646865e4642eafce6d39e78)
Reviewed-on: https://go-review.googlesource.com/c/go/+/381336
Reviewed-by: Filippo Valsorda <filippo@golang.org>
src/math/big/ratconv.go diff | blob | history
src/math/big/ratconv_test.go diff | blob | history
Go GOST TLS 1.3