wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-04-13 02:25:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

RSA decrypt: don't write past buffer end on error

Browse Source 
When the decrypted data is bigger than the buffer, the one extra bytes
was being written to.
This commit is contained in:
Sean Parkinson
2025-11-21 11:18:38 +10:00
parent 59f4fa5686
commit 23c5678797
2 changed files with 27 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
wolfcrypt/src/rsa.c
View File

@@ -3636,15 +3636,28 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
if (rsa_type == RSA_PRIVATE_DECRYPT) {
word32 i = 0;
word32 j;
byte last = 0;
int start = (int)((size_t)pad - (size_t)key->data);
for (j = 0; j < key->dataLen; j++) {
signed char c;
out[i] = key->data[j];
c = (signed char)ctMaskGTE((int)j, start);
c &= (signed char)ctMaskLT((int)i, (int)outLen);
/* 0 - no add, -1 add */
i += (word32)((byte)(-c));
signed char incMask;
signed char maskData;
/* When j < start + outLen then out[i] = key->data[j]
* else out[i] = last
*/
maskData = (signed char)ctMaskLT((int)j,
start + (int)outLen);
out[i] = (byte)(key->data[j] & maskData ) |
(byte)(last & (~maskData));
last = out[i];
/* Increment i when j is in range:
* [start..(start + outLen - 1)]. */
incMask = (signed char)ctMaskGTE((int)j, start);
incMask &= (signed char)ctMaskLT((int)j,
start + (int)outLen - 1);
i += (word32)((byte)(-incMask));
}
}
else