projects / platform / core / security / yaca.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cd7ffdd) | patch
Fix segfault found by fuzzer. 63/255163/1 accepted/tizen_6.5_unified tizen_6.5 accepted/tizen/6.5/unified/20211028.114551 accepted/tizen/unified/20210318.055920 submit/tizen/20210317.121852 submit/tizen_6.5/20211028.162401 tizen_6.5.m2_release
authorDariusz Michaluk <d.michaluk@samsung.com>
Fri, 12 Mar 2021 18:26:53 +0000 (19:26 +0100)
committerDariusz Michaluk <d.michaluk@samsung.com>
Fri, 12 Mar 2021 19:04:09 +0000 (20:04 +0100)
commit60292b16152fcab14d082e9a383c65ce6f0c39cf
tree618f3061402d7b98f00e68cd99072852ab839703tree | snapshot
parentcd7ffdd544595753d85d6ba2128a2832f45491e4commit | diff
Fix segfault found by fuzzer.

Unsigned int(input_len) is casted to int(flen), this can lead to using negative value,
unfortunately openssl doesn't check it.

According to openssl documentation, input_len is limited by RSA key size,
let's validate it in yaca to avoid segfault.

Change-Id: I8e821b94794f1b5d7231df16c591fe88c12c84e2
src/rsa.c diff | blob | history
tests/test_rsa.cpp diff | blob | history
Domain: Security / Utilities;