mirror of
https://github.com/yuzu-emu/mbedtls
synced 2024-11-24 15:08:20 +00:00
- Fixed potential memory zeroization on miscrafted RSA key
This commit is contained in:
parent
5552c8c0b3
commit
3c16db9a10
2 changed files with 3 additions and 1 deletions
|
@ -51,6 +51,8 @@ Security
|
|||
Frama-C team at CEA LIST)
|
||||
* Fixed generation of DHM parameters to correct length (found by Ruslan
|
||||
Yushchenko)
|
||||
* Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
|
||||
Vanderbeken)
|
||||
|
||||
= Version 1.1.3 released on 2012-04-29
|
||||
Bugfix
|
||||
|
|
|
@ -679,7 +679,7 @@ int rsa_pkcs1_sign( rsa_context *ctx,
|
|||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
if( nb_pad < 8 )
|
||||
if( ( nb_pad < 8 ) || ( nb_pad > olen ) )
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
*p++ = 0;
|
||||
|
|
Loading…
Reference in a new issue