diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-02-26 11:51:07 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-08-09 15:53:00 +0200 |
commit | db3315078b3ca9c360e8dbe259466d3eadaf37dc (patch) | |
tree | cd4ec87d5240f76d874f3e96d0eb7dd09a5fddfa | |
parent | ad0fbec878d9c2181f86a578f7e1cde736ae4c43 (diff) | |
download | gnutls-db3315078b3ca9c360e8dbe259466d3eadaf37dc.tar.gz |
backported signature checks.
-rw-r--r-- | lib/x509/common.c | 2 | ||||
-rw-r--r-- | lib/x509/x509.c | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/lib/x509/common.c b/lib/x509/common.c index 6e822ad547..97eb42b09e 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c @@ -1472,7 +1472,7 @@ _gnutls_x509_get_signature (ASN1_TYPE src, const char *src_name, goto cleanup; } - if (bits % 8 != 0) + if (bits % 8 != 0 || bits < 8) { gnutls_assert (); result = GNUTLS_E_CERTIFICATE_ERROR; diff --git a/lib/x509/x509.c b/lib/x509/x509.c index d12d44ed88..b9237ca74b 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -612,7 +612,7 @@ gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, return _gnutls_asn2err (result); } - if (bits % 8 != 0) + if (bits % 8 != 0 || bits < 8) { gnutls_assert (); return GNUTLS_E_CERTIFICATE_ERROR; @@ -632,6 +632,7 @@ gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, gnutls_assert (); return _gnutls_asn2err (result); } + *sizeof_sig = len/8; return 0; } |