mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-02 22:44:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add missing range checks on number of multi primes in rsa_ossl_mod_exp

Browse Source 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4862)
This commit is contained in:
Bernd Edlinger 2017-12-07 13:03:15 +01:00
parent 8a8bc66562
commit a14715888b
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
crypto/rsa/rsa_ossl.c
View File

@ -604,7 +604,7 @@ static int rsa_ossl_public_decrypt(int flen, const unsigned char *from,
static int rsa_ossl_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
{
BIGNUM *r1, *m1, *vrfy, *r2, *m[RSA_MAX_PRIME_NUM];
BIGNUM *r1, *m1, *vrfy, *r2, *m[RSA_MAX_PRIME_NUM - 2];
int ret = 0, i, ex_primes = 0;
RSA_PRIME_INFO *pinfo;
@ -618,7 +618,8 @@ static int rsa_ossl_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
goto err;
if (rsa->version == RSA_ASN1_VERSION_MULTI
&& (ex_primes = sk_RSA_PRIME_INFO_num(rsa->prime_infos)) <= 0)
&& ((ex_primes = sk_RSA_PRIME_INFO_num(rsa->prime_infos)) <= 0
|| ex_primes > RSA_MAX_PRIME_NUM - 2))
goto err;
{