From ba9ebd008376c1b090e93a91dd99d21f35565a66 Mon Sep 17 00:00:00 2001 From: Miod Vallat Date: Wed, 9 Jul 2014 09:07:01 +0000 Subject: Be more strict in RSA_padding_check_X931(), and thus avoid a possible memcpy() with a negative size. ok tedu@ --- lib/libcrypto/rsa/rsa_x931.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/libcrypto') diff --git a/lib/libcrypto/rsa/rsa_x931.c b/lib/libcrypto/rsa/rsa_x931.c index f22c50ba13f..c3305139f80 100644 --- a/lib/libcrypto/rsa/rsa_x931.c +++ b/lib/libcrypto/rsa/rsa_x931.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_x931.c,v 1.3 2014/07/09 08:20:08 miod Exp $ */ +/* $OpenBSD: rsa_x931.c,v 1.4 2014/07/09 09:07:00 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -135,7 +135,7 @@ RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from, } else j = flen - 2; - if (p[j] != 0xCC) { + if (j < 0 || p[j] != 0xCC) { RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER); return -1; } -- cgit v1.2.3