Fixed potential memory zeroization on miscrafted RSA key (cherry picked from commit 3c16db9a10a3087e1611cd8ffb9ca564c0e9cf60) Conflicts: ChangeLog (Moved message to 'Branch 1.1')

commit: 0ea57e8c7a3acec0feb67aa629716112298ed707 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Thu Jul 05 13:58:08 2012 +0000
committer: Paul Bakker <p.j.bakker@polarssl.org> Mon Jan 14 17:36:47 2013 +0100
tree: 501d84bebc60893e53c44db8fb9f8fb7303b9d8e
parent: 9a120fd4f73ddff5f0cf32b79625bf3e30977f69 [diff] [blame]
diff --git a/library/rsa.c b/library/rsa.c
index ed1f45b..278686b 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -646,7 +646,7 @@
                     return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
             }
 
-            if( nb_pad < 8 )
+            if( ( nb_pad < 8 ) || ( nb_pad > olen ) )
                 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
 
             *p++ = 0;
commit	0ea57e8c7a3acec0feb67aa629716112298ed707	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Thu Jul 05 13:58:08 2012 +0000
committer	Paul Bakker <p.j.bakker@polarssl.org>	Mon Jan 14 17:36:47 2013 +0100
tree	501d84bebc60893e53c44db8fb9f8fb7303b9d8e
parent	9a120fd4f73ddff5f0cf32b79625bf3e30977f69 [diff] [blame]