author | Dr. Stephen Henson <steve@openssl.org> | 2015-03-09 23:16:33 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-03-19 13:01:13 +0000 |
commit | 09f06923e636019c39c807cb59c481375e720556 (patch) | |
tree | 9fce22d849ad939875ff3a95f5e48fe0abab263f /crypto/rsa | |
parent | 8106d61c354430d6bbbd7f8e7840a39efc0f5829 (diff) |
Reject invalid PSS parameters.
Fix a bug where invalid PSS parameters are not rejected resulting in a
NULL pointer exception. This can be triggered during certificate
verification so could be a DoS attack against a client or a server
enabling client authentication.
Thanks to Brian Carpenter for reporting this issue.
CVE-2015-0208
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'crypto/rsa')
-rw-r--r-- | crypto/rsa/rsa_ameth.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index 5e8701ac0a..6f4c104858 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -703,9 +703,10 @@ static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE); return -1; } - if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey)) + if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) { /* Carry on */ return 2; + } return -1; } |
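Review bot: The new `> 0` comparison on the rsa_pss_to_ctx() call near the end of rsa_item_verify() depends on a return convention that the hunk does not state. The change implies the function can signal failure with a negative value as well as 0, and the old truthiness test let such a value fall into the `return 2` branch. A short comment at this call site, or on rsa_pss_to_ctx() itself, saying that only a positive return means the PSS parameters were accepted would guard against the check being simplified back later, and any other caller that tests the result for non-zero rather than `> 0` deserves the same change. The diffstat shown is limited to crypto/rsa and touches only rsa_ameth.c, so it is worth confirming that a verification test using malformed PSS parameters accompanies the fix elsewhere in the tree.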