Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1 (cherry picked from commit 9daf0d0651d6346f6f21b6bce9797c626c88f24f)

commit: 144c3cc8abbf359e6e68db7c726552c18ad8008f [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Tue Nov 13 12:13:27 2012 +0000
committer: Paul Bakker <p.j.bakker@polarssl.org> Wed Jan 16 13:16:00 2013 +0100
tree: 127c0da036a71cfba73ce1de0da907f837e4da02
parent: 0ae1f40299a816771acc920fed136318f7b7917b [diff] [blame]
diff --git a/library/rsa.c b/library/rsa.c
index 278686b..b36801e 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -752,6 +752,9 @@
             hlen = md_get_size( md_info );
             slen = hlen;
 
+            if( olen < hlen + slen + 2 )
+                return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
+
             memset( sig, 0, olen );
             memset( &md_ctx, 0, sizeof( md_context_t ) );
commit	144c3cc8abbf359e6e68db7c726552c18ad8008f	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Tue Nov 13 12:13:27 2012 +0000
committer	Paul Bakker <p.j.bakker@polarssl.org>	Wed Jan 16 13:16:00 2013 +0100
tree	127c0da036a71cfba73ce1de0da907f837e4da02
parent	0ae1f40299a816771acc920fed136318f7b7917b [diff] [blame]