projects / platform / core / security / yaca.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b871e78) | patch
Fix segfault found by fuzzer. 76/255376/1 accepted/tizen_6.0_unified tizen_6.0 accepted/tizen/6.0/unified/20210318.101036 submit/tizen_6.0/20210317.121955
authorDariusz Michaluk <d.michaluk@samsung.com>
Fri, 12 Mar 2021 18:26:53 +0000 (19:26 +0100)
committerDariusz Michaluk <d.michaluk@samsung.com>
Wed, 17 Mar 2021 11:53:44 +0000 (11:53 +0000)
commit09b31353790dad369561e958a4b34212da96169d
tree44e4ae67da6e44aa0ac175fc282076f487f3bb7btree | snapshot
parentb871e78243e5fff1ebe1106c5fa5af5a19c5e77bcommit | diff
Fix segfault found by fuzzer.

Unsigned int(input_len) is casted to int(flen), this can lead to using negative value,
unfortunately openssl doesn't check it.

According to openssl documentation, input_len is limited by RSA key size,
let's validate it in yaca to avoid segfault.

Change-Id: I8e821b94794f1b5d7231df16c591fe88c12c84e2
src/rsa.c diff | blob | history
tests/test_rsa.cpp diff | blob | history
Domain: Security / Utilities;