diff options
| -rw-r--r-- | lib/x509/common.c | 2 | ||||
| -rw-r--r-- | lib/x509/x509.c | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/lib/x509/common.c b/lib/x509/common.c index 6e822ad547..97eb42b09e 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c @@ -1472,7 +1472,7 @@ _gnutls_x509_get_signature (ASN1_TYPE src, const char *src_name, goto cleanup; } - if (bits % 8 != 0) + if (bits % 8 != 0 || bits < 8) { gnutls_assert (); result = GNUTLS_E_CERTIFICATE_ERROR; diff --git a/lib/x509/x509.c b/lib/x509/x509.c index d12d44ed88..b9237ca74b 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -612,7 +612,7 @@ gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, return _gnutls_asn2err (result); } - if (bits % 8 != 0) + if (bits % 8 != 0 || bits < 8) { gnutls_assert (); return GNUTLS_E_CERTIFICATE_ERROR; @@ -632,6 +632,7 @@ gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, gnutls_assert (); return _gnutls_asn2err (result); } + *sizeof_sig = len/8; return 0; } |