Check input length to pkey_rsa_verify()

author Dr. Stephen Henson <steve@openssl.org>

Thu, 8 Dec 2016 12:16:02 +0000 (12:16 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Sat, 10 Dec 2016 02:53:52 +0000 (02:53 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Thu, 8 Dec 2016 12:16:02 +0000 (12:16 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 10 Dec 2016 02:53:52 +0000 (02:53 +0000)
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c

index 94db87a0637d1fff7400c3caff850429dc8fffb9..ac583bf60b0181e0013b3b204da6b2965ed4031b 100644 (file)
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -373,6 +373,10 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
          if (rctx->pad_mode == RSA_PKCS1_PADDING)
              return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
                                sig, siglen, rsa);
+        if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
+            RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);
+            return -1;
+        }
          if (rctx->pad_mode == RSA_X931_PADDING) {
              if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, siglen) <= 0)
                  return 0;
author	Dr. Stephen Henson <steve@openssl.org>
	Thu, 8 Dec 2016 12:16:02 +0000 (12:16 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sat, 10 Dec 2016 02:53:52 +0000 (02:53 +0000)