- Fixed potential memory zeroization on miscrafted RSA key

commit: 3c16db9a10a3087e1611cd8ffb9ca564c0e9cf60 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Thu Jul 05 13:58:08 2012 +0000
committer: Paul Bakker <p.j.bakker@polarssl.org> Thu Jul 05 13:58:08 2012 +0000
tree: 2d33b64c6da6895228f2069ba6a486c9b5d3b20f
parent: 5552c8c0b3bdb0607087eb3ea7b32becf96dbae5 [diff]
diff --git a/ChangeLog b/ChangeLog
index f862544..e00643b 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -51,6 +51,8 @@
      Frama-C team at CEA LIST)
    * Fixed generation of DHM parameters to correct length (found by Ruslan
      Yushchenko)
+   * Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
+     Vanderbeken)
 
 = Version 1.1.3 released on 2012-04-29
 Bugfix

diff --git a/library/rsa.c b/library/rsa.c
index 215f1aa..6dfcdb3 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -679,7 +679,7 @@
                     return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
             }
 
-            if( nb_pad < 8 )
+            if( ( nb_pad < 8 ) || ( nb_pad > olen ) )
                 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 
             *p++ = 0;
commit	3c16db9a10a3087e1611cd8ffb9ca564c0e9cf60	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Thu Jul 05 13:58:08 2012 +0000
committer	Paul Bakker <p.j.bakker@polarssl.org>	Thu Jul 05 13:58:08 2012 +0000
tree	2d33b64c6da6895228f2069ba6a486c9b5d3b20f
parent	5552c8c0b3bdb0607087eb3ea7b32becf96dbae5 [diff]