Add a length check in rsa_get_pubkey()

commit: c13c0d4524dedde047bc089a139b686ea85bc822 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Aug 15 13:58:01 2013 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Fri Aug 16 14:00:52 2013 +0200
tree: 8549873fd4768e834a6f89fee2e508101aae3b03
parent: 56a487a17fc3347c18daef2336cce2d82e24d39b [diff] [blame]
diff --git a/library/x509parse.c b/library/x509parse.c
index 6d7d08d..a4ee6b5 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c

@@ -518,6 +518,10 @@
         ( ret = asn1_get_mpi( p, end, &rsa->E ) ) != 0 )
         return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
 
+    if( *p != end )
+        return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
+                POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
+
     if( ( ret = rsa_check_pubkey( rsa ) ) != 0 )
         return( ret );
commit	c13c0d4524dedde047bc089a139b686ea85bc822	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Thu Aug 15 13:58:01 2013 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Fri Aug 16 14:00:52 2013 +0200
tree	8549873fd4768e834a6f89fee2e508101aae3b03
parent	56a487a17fc3347c18daef2336cce2d82e24d39b [diff] [blame]