mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 02:25:40 +01:00
- Fixed potential memory zeroization on miscrafted RSA key
This commit is contained in:
parent
5552c8c0b3
commit
3c16db9a10
@ -51,6 +51,8 @@ Security
|
|||||||
Frama-C team at CEA LIST)
|
Frama-C team at CEA LIST)
|
||||||
* Fixed generation of DHM parameters to correct length (found by Ruslan
|
* Fixed generation of DHM parameters to correct length (found by Ruslan
|
||||||
Yushchenko)
|
Yushchenko)
|
||||||
|
* Fixed potential memory zeroization on miscrafted RSA key (found by Eloi
|
||||||
|
Vanderbeken)
|
||||||
|
|
||||||
= Version 1.1.3 released on 2012-04-29
|
= Version 1.1.3 released on 2012-04-29
|
||||||
Bugfix
|
Bugfix
|
||||||
|
@ -679,7 +679,7 @@ int rsa_pkcs1_sign( rsa_context *ctx,
|
|||||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( nb_pad < 8 )
|
if( ( nb_pad < 8 ) || ( nb_pad > olen ) )
|
||||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||||
|
|
||||||
*p++ = 0;
|
*p++ = 0;
|
||||||
|
Loading…
Reference in New Issue
Block a user