[openssl-commits] [openssl] master update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Fri Dec 8 14:39:48 UTC 2017
The branch master has been updated
via a14715888bc4b5bd2b1da3f8ac7d4cabef8c9cb8 (commit)
from 8a8bc665626113005f39121d582fd96104fb84cf (commit)
- Log -----------------------------------------------------------------
commit a14715888bc4b5bd2b1da3f8ac7d4cabef8c9cb8
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Thu Dec 7 13:03:15 2017 +0100
Add missing range checks on number of multi primes in rsa_ossl_mod_exp
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4862)
-----------------------------------------------------------------------
Summary of changes:
crypto/rsa/rsa_ossl.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
index ced11ad..f7b5cdc 100644
--- a/crypto/rsa/rsa_ossl.c
+++ b/crypto/rsa/rsa_ossl.c
@@ -604,7 +604,7 @@ static int rsa_ossl_public_decrypt(int flen, const unsigned char *from,
static int rsa_ossl_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
{
- BIGNUM *r1, *m1, *vrfy, *r2, *m[RSA_MAX_PRIME_NUM];
+ BIGNUM *r1, *m1, *vrfy, *r2, *m[RSA_MAX_PRIME_NUM - 2];
int ret = 0, i, ex_primes = 0;
RSA_PRIME_INFO *pinfo;
@@ -618,7 +618,8 @@ static int rsa_ossl_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
goto err;
if (rsa->version == RSA_ASN1_VERSION_MULTI
- && (ex_primes = sk_RSA_PRIME_INFO_num(rsa->prime_infos)) <= 0)
+ && ((ex_primes = sk_RSA_PRIME_INFO_num(rsa->prime_infos)) <= 0
+ || ex_primes > RSA_MAX_PRIME_NUM - 2))
goto err;
{
More information about the openssl-commits
mailing list