Rewrote check to prevent read of uninitialized data in rsa_rsassa_pss_verify()

commit: 4de44aa0aec0fee42278aa079ad0912ed5a24daf [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Tue Dec 31 11:43:01 2013 +0100
committer: Paul Bakker <p.j.bakker@polarssl.org> Tue Dec 31 11:43:01 2013 +0100
tree: 47b74fb1c58e54ec3da23c42240581e0f9b0c4b1
parent: 6992eb762cd7364208acb68abfe5391aa2d0322d [diff] [blame]
diff --git a/library/rsa.c b/library/rsa.c
index 7b78b4e..af07a49 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -1161,7 +1161,7 @@
 
     buf[0] &= 0xFF >> ( siglen * 8 - msb );
 
-    while( *p == 0 && p < buf + siglen )
+    while( p < buf + siglen && *p == 0 )
         p++;
 
     if( p == buf + siglen ||
commit	4de44aa0aec0fee42278aa079ad0912ed5a24daf	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Tue Dec 31 11:43:01 2013 +0100
committer	Paul Bakker <p.j.bakker@polarssl.org>	Tue Dec 31 11:43:01 2013 +0100
tree	47b74fb1c58e54ec3da23c42240581e0f9b0c4b1
parent	6992eb762cd7364208acb68abfe5391aa2d0322d [diff] [blame]