diff options
| author | Miod Vallat <miod@cvs.openbsd.org> | 2014-07-09 09:07:01 +0000 |
|---|---|---|
| committer | Miod Vallat <miod@cvs.openbsd.org> | 2014-07-09 09:07:01 +0000 |
| commit | ba9ebd008376c1b090e93a91dd99d21f35565a66 (patch) | |
| tree | 97bc4b6fdf921a5cbfda372c6cd09d9a169c9442 | |
| parent | 14f278acf602b0a7c2d4f0a39c6cbe660d30c0cd (diff) | |
Be more strict in RSA_padding_check_X931(), and thus avoid a possible
memcpy() with a negative size.
ok tedu@
| -rw-r--r-- | lib/libcrypto/rsa/rsa_x931.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libcrypto/rsa/rsa_x931.c b/lib/libcrypto/rsa/rsa_x931.c index f22c50ba13f..c3305139f80 100644 --- a/lib/libcrypto/rsa/rsa_x931.c +++ b/lib/libcrypto/rsa/rsa_x931.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_x931.c,v 1.3 2014/07/09 08:20:08 miod Exp $ */ +/* $OpenBSD: rsa_x931.c,v 1.4 2014/07/09 09:07:00 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -135,7 +135,7 @@ RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from, } else j = flen - 2; - if (p[j] != 0xCC) { + if (j < 0 || p[j] != 0xCC) { RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER); return -1; } |