Re: [PATCH] crypto: rsa - fix buffer overread when stripping leading zeroes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 26 Nov 2017, Eric Biggers wrote:

> Fixes: 5a7de97309f5 ("crypto: rsa - return raw integers for the ASN.1 parser")
> Cc: <stable@xxxxxxxxxxxxxxx> # v4.8+
> Cc: Tudor Ambarus <tudor-dan.ambarus@xxxxxxx>
> Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
> ---
>  crypto/rsa_helper.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/crypto/rsa_helper.c b/crypto/rsa_helper.c
> index 0b66dc824606..cad395d70d78 100644
> --- a/crypto/rsa_helper.c
> +++ b/crypto/rsa_helper.c
> @@ -30,7 +30,7 @@ int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
>  		return -EINVAL;
>  
>  	if (fips_enabled) {
> -		while (!*ptr && n_sz) {
> +		while (n_sz && !*ptr) {
>  			ptr++;
>  			n_sz--;
>  		}



Reviewed-by: James Morris <james.l.morris@xxxxxxxxxx>

-- 
James Morris
<james.l.morris@xxxxxxxxxx>




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux