diff options
Diffstat (limited to 'deps/openssl/openssl/crypto/rsa/rsa_ssl.c')
-rw-r--r-- | deps/openssl/openssl/crypto/rsa/rsa_ssl.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_ssl.c b/deps/openssl/openssl/crypto/rsa/rsa_ssl.c index 9ef6b80ea8..77b28b46f2 100644 --- a/deps/openssl/openssl/crypto/rsa/rsa_ssl.c +++ b/deps/openssl/openssl/crypto/rsa/rsa_ssl.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -63,6 +63,14 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_SMALL); return (-1); } + /* Accept even zero-padded input */ + if (flen == num) { + if (*(p++) != 0) { + RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_BLOCK_TYPE_IS_NOT_02); + return -1; + } + flen--; + } if ((num != (flen + 1)) || (*(p++) != 02)) { RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_BLOCK_TYPE_IS_NOT_02); return (-1); |