Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash.

[openssl.git] / crypto / rsa / rsa_pss.c

diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
index 2815628..2e44194 100644 (file)
--- a/crypto/rsa/rsa_pss.c
+++ b/crypto/rsa/rsa_pss.c
@@ -1,5 +1,5 @@
 /* rsa_pss.c */
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2005.
  */
 /* ====================================================================
@@ -64,7 +64,11 @@
 #include <openssl/rand.h>
 #include <openssl/sha.h>
 
-const static unsigned char zeroes[] = {0,0,0,0,0,0,0,0};
+static const unsigned char zeroes[] = {0,0,0,0,0,0,0,0};
+
+#if defined(_MSC_VER) && defined(_ARM_)
+#pragma optimize("g", off)
+#endif
 
 int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
                        const EVP_MD *Hash, const unsigned char *EM, int sLen)
@@ -77,6 +81,12 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
        EVP_MD_CTX ctx;
        unsigned char H_[EVP_MAX_MD_SIZE];
 
+       if (Hash == NULL)
+               {
+               RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_ARGUMENT);
+               goto err;
+               }
+
        hLen = EVP_MD_size(Hash);
        /*
         * Negative sLen has special meanings:
@@ -259,3 +269,7 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
        return ret;
 
        }
+
+#if defined(_MSC_VER)
+#pragma optimize("",on)
+#endif