diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-08-24 10:49:13 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-08-24 14:09:43 +0200 |
| commit | dfbe6a74d8172fd69676987e2566b3f521101d3f (patch) | |
| tree | 9d7436b5cb59ec4dd9dc3edafb750651f2719f38 | |
| parent | 1905ed7ca2987c49d0415667645ad3e3f894d5b5 (diff) | |
| download | gnutls-dfbe6a74d8172fd69676987e2566b3f521101d3f.tar.gz | |
Ported openssl format fix from openconnect
Patch by David Woodhouse
| -rw-r--r-- | lib/x509/privkey_openssl.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/x509/privkey_openssl.c b/lib/x509/privkey_openssl.c index 3b143f8457..563ab99de6 100644 --- a/lib/x509/privkey_openssl.c +++ b/lib/x509/privkey_openssl.c @@ -291,8 +291,8 @@ gnutls_x509_privkey_import_openssl(gnutls_x509_privkey_t key, } keylen += ofs; - /* If there appears to be more padding than required, fail */ - if (key_data_size - keylen > blocksize) { + /* If there appears to be more or less padding than required, fail */ + if (key_data_size - keylen > blocksize || key_data_size < keylen+1) { gnutls_assert(); goto fail; } |