From 0d71cee87b0bce7d3729ac4bbefbb42bda6cdb3c Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Thu, 19 Aug 2021 12:24:17 +0100
Subject: [PATCH 8/9] Fix EC_GROUP_new_from_ecparameters to check the base
 length

Check that there's at least one byte in params->base before trying to
read it.

CVE-2021-3712

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
---
 CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_asn1.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_asn1.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_asn1.c
index 336afc9..98a742d 100644
--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_asn1.c
+++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_asn1.c
@@ -747,7 +747,10 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
         ret->seed_len = params->curve->seed->length;
     }
 
-    if (!params->order || !params->base || !params->base->data) {
+    if (params->order == NULL
+            || params->base == NULL
+            || params->base->data == NULL
+            || params->base->length == 0) {
         ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
         goto err;
     }
-- 
2.33.0