diff options
| author | Ben Laurie <ben@openssl.org> | 2008-12-29 13:35:08 +0000 |
|---|---|---|
| committer | Ben Laurie <ben@openssl.org> | 2008-12-29 13:35:08 +0000 |
| commit | 8aa02e97a782a4229936d5df6da42db3efe4acd1 (patch) | |
| tree | d67dece655c6dd51266db6482dcbe268d21bb008 /crypto | |
| parent | a68c7b9171df3814b111eb467ef308617ea05463 (diff) | |
| download | openssl-8aa02e97a782a4229936d5df6da42db3efe4acd1.tar.gz | |
Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash.
(Coverity ID 135).
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/rsa/rsa.h | 1 | ||||
| -rw-r--r-- | crypto/rsa/rsa_err.c | 3 | ||||
| -rw-r--r-- | crypto/rsa/rsa_pss.c | 6 |
3 files changed, 9 insertions, 1 deletions
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index cf74343657..91cd4198c7 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -448,6 +448,7 @@ void ERR_load_RSA_strings(void); /* Reason codes. */ #define RSA_R_ALGORITHM_MISMATCH 100 +#define RSA_R_BAD_ARGUMENT 149 #define RSA_R_BAD_E_VALUE 101 #define RSA_R_BAD_FIXED_HEADER_DECRYPT 102 #define RSA_R_BAD_PAD_BYTE_COUNT 103 diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index 0577fbb1ea..a53c5f6bff 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -1,6 +1,6 @@ /* crypto/rsa/rsa_err.c */ /* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -124,6 +124,7 @@ static ERR_STRING_DATA RSA_str_functs[]= static ERR_STRING_DATA RSA_str_reasons[]= { {ERR_REASON(RSA_R_ALGORITHM_MISMATCH) ,"algorithm mismatch"}, +{ERR_REASON(RSA_R_BAD_ARGUMENT) ,"bad argument"}, {ERR_REASON(RSA_R_BAD_E_VALUE) ,"bad e value"}, {ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT),"bad fixed header decrypt"}, {ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT) ,"bad pad byte count"}, diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c index 7d5b4781a3..2e44194bdc 100644 --- a/crypto/rsa/rsa_pss.c +++ b/crypto/rsa/rsa_pss.c @@ -81,6 +81,12 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, EVP_MD_CTX ctx; unsigned char H_[EVP_MAX_MD_SIZE]; + if (Hash == NULL) + { + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_ARGUMENT); + goto err; + } + hLen = EVP_MD_size(Hash); /* * Negative sLen has special meanings: |