mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 12:20:52 +02:00
fix F=3524: Heap Buffer Overflow in km_direct_rsa_dec When req->dst_len < ctx->key_len
This commit is contained in:
@@ -792,8 +792,12 @@ static int km_direct_rsa_dec(struct akcipher_request *req)
|
||||
goto rsa_dec_out;
|
||||
}
|
||||
|
||||
if (req->dst_len <= 0 || req->dst_len > (unsigned int) ctx->key_len) {
|
||||
err = -EINVAL;
|
||||
if (req->dst_len != (unsigned int)ctx->key_len) {
|
||||
if ((req->dst_len > 0) && (req->dst_len < (unsigned int)ctx->key_len))
|
||||
err = -EOVERFLOW;
|
||||
else
|
||||
err = -EINVAL;
|
||||
req->dst_len = ctx->key_len;
|
||||
goto rsa_dec_out;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user