yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-25 17:45:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

rsa: Enable use of zero-length null output

Browse Source 
Enable handling of zero-length null output in PKCS1 v1.5 decryption.
Prevent undefined behavior by avoiding a memcpy() to zero-length null
output buffers.
This commit is contained in:
Jaeden Amero 2019-02-06 10:44:56 +00:00 committed by Andrzej Kurek
parent 004f87b98d
commit 6f7703df3a
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
library/rsa.c
View File

@ -1696,9 +1696,15 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
plaintext_max_size, plaintext_max_size,
plaintext_max_size - plaintext_size ); plaintext_max_size - plaintext_size );
/* Finally copy the decrypted plaintext plus trailing zeros /* Finally copy the decrypted plaintext plus trailing zeros into the output
* into the output buffer. */ * buffer. If output_max_len is 0, then output may be an invalid pointer
memcpy( output, buf + ilen - plaintext_max_size, plaintext_max_size ); * and the result of memcpy() would be undefined; prevent undefined
* behavior making sure to depend only on output_max_len (the size of the
* user-provided output buffer), which is independent from plaintext
* length, validity of padding, success of the decryption, and other
* secrets. */
if( output_max_len != 0 )
memcpy( output, buf + ilen - plaintext_max_size, plaintext_max_size );
/* Report the amount of data we copied to the output buffer. In case /* Report the amount of data we copied to the output buffer. In case
* of errors (bad padding or output too large), the value of *olen * of errors (bad padding or output too large), the value of *olen