[openssl-commits] [openssl] OpenSSL_1_1_1-stable update

Matt Caswell matt at openssl.org
Thu Dec 13 09:53:29 UTC 2018


The branch OpenSSL_1_1_1-stable has been updated
       via  5db5edc99a8386516da06f8078e5134ccd65a64b (commit)
      from  4abca7e9f37c8b6cfc0e5fe1fd7b624e2f14b751 (commit)


- Log -----------------------------------------------------------------
commit 5db5edc99a8386516da06f8078e5134ccd65a64b
Author: Mansour Ahmadi <m.ahmadi at northeastern.edu>
Date:   Tue Dec 11 17:26:50 2018 -0500

    fix inconsistent flen check in rsa_pk1 and rsa_oaep
    
    Fixes #7117
    
    Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/7880)
    
    (cherry picked from commit 4fea7005c3d08ed0d575bdea5082b7b0ce355237)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rsa/rsa_pk1.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c
index b3a7a06..0626907 100644
--- a/crypto/rsa/rsa_pk1.c
+++ b/crypto/rsa/rsa_pk1.c
@@ -161,7 +161,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
     unsigned int good, found_zero_byte, mask;
     int zero_index = 0, msg_index, mlen = -1;
 
-    if (tlen < 0 || flen < 0)
+    if (tlen <= 0 || flen <= 0)
         return -1;
 
     /*


More information about the openssl-commits mailing list