From 4de44aa0aec0fee42278aa079ad0912ed5a24daf Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Tue, 31 Dec 2013 11:43:01 +0100
Subject: [PATCH] Rewrote check to prevent read of uninitialized data in
 rsa_rsassa_pss_verify()

---
 library/rsa.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/rsa.c b/library/rsa.c
index 7b78b4e0e..af07a4954 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1161,7 +1161,7 @@ int rsa_rsassa_pss_verify( rsa_context *ctx,
 
     buf[0] &= 0xFF >> ( siglen * 8 - msb );
 
-    while( *p == 0 && p < buf + siglen )
+    while( p < buf + siglen && *p == 0 )
         p++;
 
     if( p == buf + siglen ||