projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
make sure we don't write to seed[-1]
[openssl.git]
/
crypto
/
rsa
/
rsa_oaep.c
diff --git
a/crypto/rsa/rsa_oaep.c
b/crypto/rsa/rsa_oaep.c
index e3d81a7a37916c410e8123e49609b1579615ff42..a3361dc3d76a6d6e197ba65bc99682d68a88c813 100644
(file)
--- a/
crypto/rsa/rsa_oaep.c
+++ b/
crypto/rsa/rsa_oaep.c
@@
-111,6
+111,11
@@
int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
}
lzero = num - flen;
+ if (lzero < 0)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR);
+ return (-1);
+ }
maskeddb = from - lzero + SHA_DIGEST_LENGTH;
MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
projects / openssl.git / blobdiff