diff options
| author | Miod Vallat <miod@cvs.openbsd.org> | 2014-07-09 09:07:01 +0000 |
|---|---|---|
| committer | Miod Vallat <miod@cvs.openbsd.org> | 2014-07-09 09:07:01 +0000 |
| commit | c42e1b2e46f0b3bde89ad9addffe020e195c356b (patch) | |
| tree | 671021173e601ef4f950e4245a2e489101360886 | |
| parent | 872e2936c6fbb4ad6e09d19691d18292871e48fc (diff) | |
Be more strict in RSA_padding_check_X931(), and thus avoid a possible
memcpy() with a negative size.
ok tedu@
| -rw-r--r-- | lib/libssl/src/crypto/rsa/rsa_x931.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libssl/src/crypto/rsa/rsa_x931.c b/lib/libssl/src/crypto/rsa/rsa_x931.c index f22c50ba13f..c3305139f80 100644 --- a/lib/libssl/src/crypto/rsa/rsa_x931.c +++ b/lib/libssl/src/crypto/rsa/rsa_x931.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_x931.c,v 1.3 2014/07/09 08:20:08 miod Exp $ */ +/* $OpenBSD: rsa_x931.c,v 1.4 2014/07/09 09:07:00 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -135,7 +135,7 @@ RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from, } else j = flen - 2; - if (p[j] != 0xCC) { + if (j < 0 || p[j] != 0xCC) { RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER); return -1; } |