diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-12-14 10:44:22 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-12-14 11:13:52 +0100 |
| commit | afa69cb27640ac98cc40eea95dab42bf6f80242a (patch) | |
| tree | e2ee48ff13e5cb2d079c8f902a07e6be88393d1b | |
| parent | aaa0275e1b517dca2f369b434c9e431bd7ae4d26 (diff) | |
| download | gnutls-afa69cb27640ac98cc40eea95dab42bf6f80242a.tar.gz | |
PKCS#5,7 decryption: added sanity check on padding size
Relates #148
| -rw-r--r-- | lib/x509/privkey_pkcs8.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index ccfb652d0a..ca638f6ebc 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -1729,9 +1729,15 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, decrypted_data->data = data; - if (block_size != 1) + if (block_size != 1) { + if (data[data_size - 1] >= data_size) { + gnutls_assert(); + result = GNUTLS_E_ILLEGAL_PARAMETER; + goto error; + } + decrypted_data->size = data_size - data[data_size - 1]; - else + } else decrypted_data->size = data_size; _gnutls_cipher_deinit(&ch); |