From: Mansour Ahmadi <m.ahmadi@northeastern.edu>
Date: Tue, 11 Dec 2018 22:26:50 +0000 (-0500)
Subject: fix inconsistent flen check in rsa_pk1 and rsa_oaep
X-Git-Tag: OpenSSL_1_1_1b~118
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=5db5edc99a8386516da06f8078e5134ccd65a64b

fix inconsistent flen check in rsa_pk1 and rsa_oaep

Fixes #7117

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7880)

(cherry picked from commit 4fea7005c3d08ed0d575bdea5082b7b0ce355237)
---

diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c
index b3a7a06117..0626907418 100644
--- a/crypto/rsa/rsa_pk1.c
+++ b/crypto/rsa/rsa_pk1.c
@@ -161,7 +161,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
     unsigned int good, found_zero_byte, mask;
     int zero_index = 0, msg_index, mlen = -1;
 
-    if (tlen < 0 || flen < 0)
+    if (tlen <= 0 || flen <= 0)
         return -1;
 
     /*