Included tests for the overflow

Conflicts:
	library/rsa.c
This commit is contained in:
Janos Follath 2016-02-08 14:52:29 +00:00 committed by Simon Butcher
parent bedc728fed
commit d95e8d1cb4

View File

@ -519,7 +519,8 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx,
olen = ctx->len; olen = ctx->len;
hlen = md_get_size( md_info ); hlen = md_get_size( md_info );
if( olen < ilen + 2 * hlen + 2 ) // first comparison checks for overflow
if( ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2 )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
memset( output, 0, olen ); memset( output, 0, olen );
@ -585,7 +586,8 @@ int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx,
olen = ctx->len; olen = ctx->len;
if( olen < ilen + 11 ) // first comparison checks for overflow
if( ilen + 11 < ilen || olen < ilen + 11 )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
nb_pad = olen - 3 - ilen; nb_pad = olen - 3 - ilen;