Be more strict in RSA_padding_check_X931(), and thus avoid a possible

memcpy() with a negative size.
ok tedu@

2 files changed, 4 insertions, 4 deletions

diff --git a/src/lib/libcrypto/rsa/rsa_x931.c b/src/lib/libcrypto/rsa/rsa_x931.c
index f22c50ba13..c3305139f8 100644
--- a/src/lib/libcrypto/rsa/rsa_x931.c
+++ b/src/lib/libcrypto/rsa/rsa_x931.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_x931.c,v 1.3 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_x931.c,v 1.4 2014/07/09 09:07:00 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2005.
  */
@@ -135,7 +135,7 @@ RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from,
         } else
                 j = flen - 2;
 
-        if (p[j] != 0xCC) {
+        if (j < 0 || p[j] != 0xCC) {
                 RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER);
                 return -1;
         }
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_x931.c b/src/lib/libssl/src/crypto/rsa/rsa_x931.c
index f22c50ba13..c3305139f8 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_x931.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_x931.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_x931.c,v 1.3 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_x931.c,v 1.4 2014/07/09 09:07:00 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2005.
  */
@@ -135,7 +135,7 @@ RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from,
         } else
                 j = flen - 2;
 
-        if (p[j] != 0xCC) {
+        if (j < 0 || p[j] != 0xCC) {
                 RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER);
                 return -1;
         }