_gnutls_find_rsa_pss_salt_size: add a validity check for salt size

That is, in order to reject invalid parameters. Resolves #402 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-03-02 11:18:12 +0100
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-03-02 14:46:05 +0100
commit: 7ac0e16bde3b54ed6b6f435a88f180b64056f9f7 (patch)
tree: 15aa82cfc2a0c7170587f674ab3ad082b51a7660 /lib/x509/crq.c
parent: 8bc71dc0ed272c10b6430a678858b8e973828cf8 (diff)
download: gnutls-7ac0e16bde3b54ed6b6f435a88f180b64056f9f7.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/x509/crq.c b/lib/x509/crq.c
index ac58529f6f..417d630405 100644
--- a/lib/x509/crq.c
+++ b/lib/x509/crq.c
@@ -3052,9 +3052,14 @@ gnutls_x509_crq_set_spki(gnutls_x509_crq_t crq,
 
 		/* If salt size is zero, find the optimal salt size. */
 		if (spki->salt_size == 0) {
-			tpki.salt_size =
+			ret =
 			    _gnutls_find_rsa_pss_salt_size(bits, me,
 							   spki->salt_size);
+			if (ret < 0) {
+				gnutls_assert();
+				goto cleanup;
+			}
+			tpki.salt_size = ret;
 		} else
 			tpki.salt_size = spki->salt_size;
 	} else if (crq_pk == GNUTLS_PK_RSA_PSS) {
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-03-02 11:18:12 +0100
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-03-02 14:46:05 +0100
commit	7ac0e16bde3b54ed6b6f435a88f180b64056f9f7 (patch)
tree	15aa82cfc2a0c7170587f674ab3ad082b51a7660 /lib/x509/crq.c
parent	8bc71dc0ed272c10b6430a678858b8e973828cf8 (diff)
download	gnutls-7ac0e16bde3b54ed6b6f435a88f180b64056f9f7.tar.gz