Fix segfault found by fuzzer.

[platform/core/security/yaca.git] / src / rsa.c

diff --git a/src/rsa.c b/src/rsa.c
index 7fbb6e4..054db73 100644 (file)
--- a/src/rsa.c
+++ b/src/rsa.c
@@ -1,5 +1,5 @@
 /*
- *  Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *  Copyright (c) 2016-2021 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *  Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com>
  *
@@ -34,6 +34,11 @@
 
 #include "internal.h"
 
+#ifdef OPENSSL_MOCKUP_TESTS
+#include "../tests/openssl_mock_redefine.h"
+#endif
+
+
 int rsa_padding2openssl(yaca_padding_e padding)
 {
        switch (padding) {
@@ -50,6 +55,7 @@ int rsa_padding2openssl(yaca_padding_e padding)
        case YACA_PADDING_PKCS1_SSLV23:
                return RSA_SSLV23_PADDING;
        default:
+               assert(false);
                return -1;
        }
 }
@@ -75,7 +81,6 @@ static int encrypt_decrypt(yaca_padding_e padding,
                return YACA_ERROR_INVALID_PARAMETER;
 
        lpadding = rsa_padding2openssl(padding);
-       assert(lpadding != -1);
 
        lasym_key = key_get_evp(key);
        assert(lasym_key != NULL);
@@ -89,6 +94,9 @@ static int encrypt_decrypt(yaca_padding_e padding,
 
        max_len = ret;
 
+       if (input_len > max_len)
+               return YACA_ERROR_INVALID_PARAMETER;
+
        ret = yaca_zalloc(max_len, (void**)&loutput);
        if (ret != YACA_ERROR_NONE)
                return ret;