projects / platform / core / security / yaca.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 725304a) | patch
Fix segfault found by fuzzer. 77/255377/1 accepted/tizen_5.5_unified tizen_5.5 accepted/tizen/5.5/unified/20210318.001936 submit/tizen_5.5/20210317.122023
authorDariusz Michaluk <d.michaluk@samsung.com>
Fri, 12 Mar 2021 18:26:53 +0000 (19:26 +0100)
committerDariusz Michaluk <d.michaluk@samsung.com>
Wed, 17 Mar 2021 11:46:53 +0000 (12:46 +0100)
commit9ed6caef926b28e932e49712bb07ee3b438fd9e4
tree5aa74fa5bfe94f865454a509bbbeefc8127eb1detree | snapshot
parent725304af3a8f92f4fb9f4c988d80730ed3d8bcd8commit | diff
Fix segfault found by fuzzer.

Unsigned int(input_len) is casted to int(flen), this can lead to using negative value,
unfortunately openssl doesn't check it.

According to openssl documentation, input_len is limited by RSA key size,
let's validate it in yaca to avoid segfault.

Change-Id: I8e821b94794f1b5d7231df16c591fe88c12c84e2
src/rsa.c diff | blob | history
Domain: Security / Utilities;