| field | value | date |
|---|---|---|
| author | Kazuki Yamaguchi <k@rhe.jp> | 2021-06-28 17:48:47 +0900 |
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-09-27 15:59:58 +0900 |
| commit | b8eed2b9b93a98af34d14856def66ee4a062a1f9 (patch) | |
| tree | 7648e48bc19b14083bee24ed845980c5820390d0 /lib | |
| parent | 87887fec2a2e973ed4e05187f7d05a4cb6d92eaa (diff) | |
| download | ruby-openssl-b8eed2b9b93a98af34d14856def66ee4a062a1f9.tar.gz | |
pkey: use RSTRING_LENINT() instead of casting to int
(branch: ky/pkey-ec-verify-overflow)
RSTRING_LENINT() checks the range of int and raises an exception as
necessary. OpenSSL::PKey::EC#dsa_verify_asn1 currently does not do this,
and giving a too big string to it can trigger a surprising behavior:
```ruby
ec.dsa_verify_asn1(digest, signature) #=> true
ec.dsa_verify_asn1(digest, signature + "x" * 2**32) #=> true
```
Reference: https://hackerone.com/reports/1246050
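The mechanism behind the surprising result above is the narrowing cast from Ruby's `long` string length to the `int` that the OpenSSL verify API takes: a length of 2**32 + n keeps only its low 32 bits and becomes n, so the padding is silently ignored. The following C program is an added illustration, not code from ruby/openssl or from this commit; `unchecked_len`, `checked_len`, the `verify_*` helpers and `GENUINE_SIG_LEN` are hypothetical names, and the toy verify only compares lengths rather than performing ECDSA. `checked_len` models the behaviour the commit message attributes to RSTRING_LENINT() (reject lengths outside the range of `int`) without claiming to be that macro.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Ruby's RSTRING_LEN is a `long`; int64_t is used here so the demonstration
 * behaves identically on LP64 and LLP64 platforms (portability assumption). */
typedef int64_t rlen_t;

/* Unchecked: the bare (int) cast the commit replaces. Conversion of an
 * out-of-range value to int is implementation-defined in C, but GCC and Clang
 * keep the low 32 bits, so 2**32 + n collapses to n. */
static int unchecked_len(rlen_t len) { return (int)len; }

/* Checked: hypothetical stand-in for RSTRING_LENINT(). Returns 0 and leaves
 * *out untouched when the length does not fit an int (Ruby raises RangeError
 * at that point instead of calling into OpenSSL). */
static int checked_len(rlen_t len, int *out) {
    if (len < 0 || len > INT_MAX) return 0;
    *out = (int)len;
    return 1;
}

/* Constructed: a plausible DER-encoded P-256 ECDSA signature length. */
#define GENUINE_SIG_LEN 71

/* Toy verify: "accepts" only when the length handed to the backend equals the
 * genuine signature's length. It isolates the length handling; it is NOT a
 * real signature check. Returns 1 = accepted, 0 = rejected. */
static int verify_unchecked(rlen_t siglen) {
    return unchecked_len(siglen) == GENUINE_SIG_LEN;
}

/* Same toy verify behind the range check.
 * Returns 1 = accepted, 0 = rejected, -1 = length out of range (would raise). */
static int verify_checked(rlen_t siglen) {
    int n;
    if (!checked_len(siglen, &n)) return -1;
    return n == GENUINE_SIG_LEN;
}

int main(void) {
    /* The commit's reproducer: genuine signature followed by 2**32 bytes of "x". */
    rlen_t padded = (rlen_t)GENUINE_SIG_LEN + ((rlen_t)1 << 32);

    printf("unchecked cast: genuine=%d padded=%d\n",
           verify_unchecked(GENUINE_SIG_LEN), verify_unchecked(padded));
    printf("range-checked:  genuine=%d padded=%d\n",
           verify_checked(GENUINE_SIG_LEN), verify_checked(padded));
    return 0;
}
```

With the bare cast both calls report acceptance, reproducing the `#=> true` pair in the commit message; with the range check the padded input is refused before any length reaches the verify backend, which is the fix's effect.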
Diffstat (limited to 'lib')
0 files changed, 0 insertions, 0 deletions