diff options
| -rw-r--r-- | lib/x509/privkey_pkcs8.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index d560a4b44c..27370bea35 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -1940,9 +1940,15 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, decrypted_data->data = enc.data; - if (block_size != 1) + if (block_size != 1) { + if (enc.data[enc.size - 1] >= enc.size) { + gnutls_assert(); + result = GNUTLS_E_ILLEGAL_PARAMETER; + goto error; + } + decrypted_data->size = enc.size - enc.data[enc.size - 1]; - else + } else decrypted_data->size = enc.size; _gnutls_cipher_deinit(&ch); |