X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Frsa%2Frsa_oaep.c;h=a3361dc3d76a6d6e197ba65bc99682d68a88c813;hp=e3d81a7a37916c410e8123e49609b1579615ff42;hb=ee8aa8217abc66c7d5d280960755a0180a20757d;hpb=2b49dd1e8f62a5609e9ed7071b3e1d768f347323

diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index e3d81a7a37..a3361dc3d7 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -111,6 +111,11 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
 	}
 
     lzero = num - flen;
+    if (lzero < 0)
+    {
+    RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR);
+    return (-1);
+    }
     maskeddb = from - lzero + SHA_DIGEST_LENGTH;
     
     MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);