the final byte of a pkcs7 padded plaintext can never be 0

author Nils Larsch <nils@openssl.org>

Wed, 20 Jul 2005 22:03:36 +0000 (22:03 +0000)

committer Nils Larsch <nils@openssl.org>

Wed, 20 Jul 2005 22:03:36 +0000 (22:03 +0000)
author Nils Larsch <nils@openssl.org>
Wed, 20 Jul 2005 22:03:36 +0000 (22:03 +0000)
committer Nils Larsch <nils@openssl.org>
Wed, 20 Jul 2005 22:03:36 +0000 (22:03 +0000)
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c

index e8456322395e55694d8a60201b87baa1cc01e0dd..22cb6131be2e409027ed2006dabac213751fbaf0 100644 (file)
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -449,7 +449,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
                         }
                 OPENSSL_assert(b <= sizeof ctx->final);
                 n=ctx->final[b-1];
-               if (n > (int)b)
+               if (n == 0 || n > (int)b)
                         {
                         EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT);
                         return(0);
author	Nils Larsch <nils@openssl.org>
	Wed, 20 Jul 2005 22:03:36 +0000 (22:03 +0000)
committer	Nils Larsch <nils@openssl.org>
	Wed, 20 Jul 2005 22:03:36 +0000 (22:03 +0000)