TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / db1f05985e035a3d1eb5eec805aa5ee9b94521e2
commitdb1f05985e035a3d1eb5eec805aa5ee9b94521e2[log] [tgz]
authorPaul Bakker <p.j.bakker@polarssl.org>Wed Mar 26 14:53:47 2014 +0100
committerPaul Bakker <p.j.bakker@polarssl.org>Wed Mar 26 15:14:21 2014 +0100
tree6309e5fa34f7626989fcddf188847c1e80da5072
parent91c61bc4fd815f689b499f849b3baf828c0f8490 [diff]
Add a check for buffer overflow to pkcs11_sign()

pkcs11_sign() reuses *sig to store the header and hash, but those might
be larger than the actual sig, causing a buffer overflow.

An overflow can occur when using raw sigs with hashlen > siglen, or when
the RSA key is less than 664 bits long (or less when using hashes
shorter than SHA512)

As siglen is always within the 'low realm' < 32k, an overflow of asnlen
+ hashlen is not possible.
1 file changed
tree: 6309e5fa34f7626989fcddf188847c1e80da5072
  1. doxygen/
  2. include/
  3. library/
  4. programs/
  5. scripts/
  6. tests/
  7. visualc/
  8. .gitignore
  9. ChangeLog
  10. CMakeLists.txt
  11. DartConfiguration.tcl
  12. LICENSE
  13. Makefile
  14. README.rst