zlei6/go-zero
1
0
Fork 0
mirror of https://github.com/zeromicro/go-zero.git synced 2026-05-10 16:30:01 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: critical security fixes in core/codec (S0) (#5479)

Browse Source
This commit is contained in:
Kevin Wan
2026-03-15 16:40:15 +08:00
committed by GitHub
parent ec802e25a6
commit d1a014955c
6 changed files with 291 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/codec/dh.go
View File

@@ -35,7 +35,7 @@ func ComputeKey(pubKey, priKey *big.Int) (*big.Int, error) {
return nil, ErrInvalidPubKey
}
if pubKey.Sign() <= 0 && p.Cmp(pubKey) <= 0 {
if pubKey.Sign() <= 0 || p.Cmp(pubKey) <= 0 {
return nil, ErrPubKeyOutOfBound
}