diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-05-17 09:40:00 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-05-17 09:40:00 +0200 |
commit | ecae6fd894ad140b3e099fa176f2d4b286caaf65 (patch) | |
tree | e0eafbfdda8c329ca8ab001b04d2a8016a92117e | |
parent | 37194f8ebd37851428c7f965dfa93def4b5d294b (diff) | |
download | gnutls-ecae6fd894ad140b3e099fa176f2d4b286caaf65.tar.gz |
more sanity checks on signature size
-rw-r--r-- | lib/x509/common.c | 2 | ||||
-rw-r--r-- | lib/x509/x509.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/lib/x509/common.c b/lib/x509/common.c index 3376fe3cc9..8c482123d7 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c @@ -1611,7 +1611,7 @@ _gnutls_x509_get_signature(ASN1_TYPE src, const char *src_name, } bits = len; - if (bits % 8 != 0) { + if (bits % 8 != 0 || bits < 8) { gnutls_assert(); result = GNUTLS_E_CERTIFICATE_ERROR; goto cleanup; diff --git a/lib/x509/x509.c b/lib/x509/x509.c index 2a75bf9753..aee162a668 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -596,7 +596,7 @@ gnutls_x509_crt_get_signature(gnutls_x509_crt_t cert, } bits = len; - if (bits % 8 != 0 || bits == 0) { + if (bits % 8 != 0 || bits < 8) { gnutls_assert(); return GNUTLS_E_CERTIFICATE_ERROR; } |