diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-11-14 15:17:26 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-11-14 17:15:59 +0100 |
commit | bb3d16f37d26ab6b1d5949a182b08f3e39868a76 (patch) | |
tree | dee0584b52dbd45839db354103590299a41b3039 /lib/x509/pkcs7-crypt.c | |
parent | ba90ad40262b29b1e2c19b62712750697629dae8 (diff) | |
download | gnutls-bb3d16f37d26ab6b1d5949a182b08f3e39868a76.tar.gz |
PKCS#5,7 decryption: added sanity check on padding size
Relates #148
Diffstat (limited to 'lib/x509/pkcs7-crypt.c')
-rw-r--r-- | lib/x509/pkcs7-crypt.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c index 5d6965d63a..e1edfc4913 100644 --- a/lib/x509/pkcs7-crypt.c +++ b/lib/x509/pkcs7-crypt.c @@ -1114,9 +1114,15 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, decrypted_data->data = enc.data; - if (block_size != 1) + if (block_size != 1) { + if (enc.data[enc.size - 1] >= enc.size) { + gnutls_assert(); + result = GNUTLS_E_ILLEGAL_PARAMETER; + goto error; + } + decrypted_data->size = enc.size - enc.data[enc.size - 1]; - else + } else decrypted_data->size = enc.size; _gnutls_cipher_deinit(&ch); |