diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-01-19 09:20:28 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-01-19 09:22:57 +0100 |
commit | a0c10aaf2ae401b4f0e4705d58bb49cff9f92c67 (patch) | |
tree | aa747de5cfd035e3711f1e389131db68ec4f0111 | |
parent | 079153c639b85dc3538e06662b502621fe127595 (diff) | |
download | gnutls-a0c10aaf2ae401b4f0e4705d58bb49cff9f92c67.tar.gz |
_gnutls_decrypt_pbes1_des_md5_data: ensure that encrypted data size is a multiple of blocksize
That prevents incorrect data reaching nettle which has only
assertion checks (leading to an abort).
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=389
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/x509/privkey_pkcs8_pbes1.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/x509/privkey_pkcs8_pbes1.c b/lib/x509/privkey_pkcs8_pbes1.c index 933363d37c..86ba2609f0 100644 --- a/lib/x509/privkey_pkcs8_pbes1.c +++ b/lib/x509/privkey_pkcs8_pbes1.c @@ -142,10 +142,14 @@ _gnutls_decrypt_pbes1_des_md5_data(const char *password, gnutls_datum_t dkey, d_iv; cipher_hd_st ch; uint8_t key[16]; + const unsigned block_size = 8; if (enc_params->cipher != GNUTLS_CIPHER_DES_CBC) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + if (encrypted_data->size % block_size != 0) + return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + /* generate the key */ pbkdf1_md5(password, password_len, kdf_params->salt, kdf_params->iter_count, sizeof(key), key); |