diff options
author | Jiasheng Jiang <jiasheng@purdue.edu> | 2024-03-22 22:22:23 +0000 |
---|---|---|
committer | Neil Horman <nhorman@openssl.org> | 2024-04-01 14:11:52 -0400 |
commit | 6c0f154750a3380cced8ddab44d7ad100b6ab984 (patch) | |
tree | 0971752ec80c75d746fdf203d98fa0a48dbb2095 /providers | |
parent | 7638f4016a9438dccaf183a3ae7353d363dfc25a (diff) |
signature/rsa_sig.c: Add checks for the EVP_MD_get_size()
Add checks for the EVP_MD_get_size() to avoid integer overflow and then explicitly cast from int to size_t.
Fixes: 6f4b766315 ("PROV: add RSA signature implementation")
Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23949)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/implementations/signature/rsa_sig.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c index 76db37dd02..cc7353bbca 100644 --- a/providers/implementations/signature/rsa_sig.c +++ b/providers/implementations/signature/rsa_sig.c @@ -114,8 +114,14 @@ typedef struct { static size_t rsa_get_md_size(const PROV_RSA_CTX *prsactx) { - if (prsactx->md != NULL) - return EVP_MD_get_size(prsactx->md); + int md_size; + + if (prsactx->md != NULL) { + md_size = EVP_MD_get_size(prsactx->md); + if (md_size <= 0) + return 0; + return md_size; + } return 0; } |