Check tlen size in all padding_check functions. As called within the rsa

library, the output buffer always is large enough, but if the tlen
parameter is there, it should be checked in the interest of clarity,
as proposed by David Sacerdote <das33@cornell.edu>.

diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c
index b35eb626824e2f7dc49af7e3a3e4e61698e23340..48a32bc264a807e66b5fce3bd54a20b030b6936b 100644 (file)
--- a/crypto/rsa/rsa_pk1.c
+++ b/crypto/rsa/rsa_pk1.c
@@ -79,7 +79,7 @@ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
        *(p++)=0;
        *(p++)=1; /* Private Key BT (Block Type) */
 
-       /* padd out with 0xff data */
+       /* pad out with 0xff data */
        j=tlen-3-flen;
        memset(p,0xff,j);
        p+=j;
@@ -130,6 +130,11 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
                }
        i++; /* Skip over the '\0' */
        j-=i;
+       if (j > tlen)
+               {
+               RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE);
+               return(-1);
+               }
        memcpy(to,p,(unsigned int)j);
 
        return(j);
@@ -207,6 +212,11 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
                }
        i++; /* Skip over the '\0' */
        j-=i;
+       if (j > tlen)
+               {
+               RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE);
+               return(-1);
+               }
        memcpy(to,p,(unsigned int)j);
 
        return(j);

diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c
index 83dfc80c1d77cb309316830c6a305ff046904b9f..81a857c81368e7750883d88c1c74180cae9ae02c 100644 (file)
--- a/crypto/rsa/rsa_ssl.c
+++ b/crypto/rsa/rsa_ssl.c
@@ -142,6 +142,11 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, unsigned char *from,
 
        i++; /* Skip over the '\0' */
        j-=i;
+       if (j > tlen)
+               {
+               RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE);
+               return(-1);
+               }
        memcpy(to,p,(unsigned int)j);
 
        return(j);