cve-2019-6486

author Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org>

Fri, 21 Jan 2022 18:45:18 +0000 (18:45 +0000)

committer Sylvain Beucler <beuc@debian.org>

Fri, 21 Jan 2022 18:45:18 +0000 (18:45 +0000)
author Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org>
Fri, 21 Jan 2022 18:45:18 +0000 (18:45 +0000)
committer Sylvain Beucler <beuc@debian.org>
Fri, 21 Jan 2022 18:45:18 +0000 (18:45 +0000)
diff --git a/src/crypto/elliptic/elliptic.go b/src/crypto/elliptic/elliptic.go

index c02df45d10502d129bf3bf48406593492d8d85c9..337adff7fa19b65edf5c460db662ffd8d7732fdc 100644 (file)
--- a/src/crypto/elliptic/elliptic.go
+++ b/src/crypto/elliptic/elliptic.go
@@ -210,8 +210,9 @@ func (curve *CurveParams) doubleJacobian(x, y, z *big.Int) (*big.Int, *big.Int,
  
         x3 := new(big.Int).Mul(alpha, alpha)
         beta8 := new(big.Int).Lsh(beta, 3)
+       beta8.Mod(beta8, curve.P)
         x3.Sub(x3, beta8)
-       for x3.Sign() == -1 {
+       if x3.Sign() == -1 {
                 x3.Add(x3, curve.P)
         }
         x3.Mod(x3, curve.P)
author	Go Compiler Team <pkg-golang-devel@lists.alioth.debian.org>
	Fri, 21 Jan 2022 18:45:18 +0000 (18:45 +0000)
committer	Sylvain Beucler <beuc@debian.org>
	Fri, 21 Jan 2022 18:45:18 +0000 (18:45 +0000)