wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 02:37:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Always check to make sure 'sigCheckBuf' is within range

Browse Source
This commit is contained in:
Andras Fekete
2023-01-26 15:56:00 -05:00
parent eaeff1e7c2
commit 5b36d5235c
1 changed files with 0 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
wolfcrypt/src/rsa.c
View File

@ -4035,7 +4035,6 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig,
}
}
#ifdef WOLFSSL_PSS_LONG_SALT
/* if long salt is larger then default maximum buffer then allocate a buffer */
if (ret == 0 && sizeof(sigCheckBuf) < (RSA_PSS_PAD_SZ + inSz + saltLen)) {
sigCheck = (byte*)XMALLOC(RSA_PSS_PAD_SZ + inSz + saltLen, heap,
@ -4044,7 +4043,6 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig,
ret = MEMORY_E;
}
}
#endif
/* Exp Hash = HASH(8 * 0x00 | Message Hash | Salt) */
if (ret == 0) {
@ -4061,11 +4059,9 @@ int wc_RsaPSS_CheckPadding_ex2(const byte* in, word32 inSz, byte* sig,
}
}
#ifdef WOLFSSL_PSS_LONG_SALT
if (sigCheck != NULL && sigCheck != sigCheckBuf) {
XFREE(sigCheck, heap, DYNAMIC_TYPE_RSA_BUFFER);
}
#endif
(void)heap; /* unused if memory is disabled */
return ret;