Be more strict in RSA_padding_check_X931(), and thus avoid a possible

memcpy() with a negative size.
ok tedu@

2 files changed, 4 insertions, 4 deletions

diff --git a/lib/libcrypto/rsa/rsa_x931.c b/lib/libcrypto/rsa/rsa_x931.c
index f22c50ba13f..c3305139f80 100644
--- a/lib/libcrypto/rsa/rsa_x931.c
+++ b/lib/libcrypto/rsa/rsa_x931.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_x931.c,v 1.3 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_x931.c,v 1.4 2014/07/09 09:07:00 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2005.
  */
@@ -135,7 +135,7 @@ RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from,
 	} else
 		j = flen - 2;
 
-	if (p[j] != 0xCC) {
+	if (j < 0 || p[j] != 0xCC) {
 		RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER);
 		return -1;
 	}
diff --git a/lib/libssl/src/crypto/rsa/rsa_x931.c b/lib/libssl/src/crypto/rsa/rsa_x931.c
index f22c50ba13f..c3305139f80 100644
--- a/lib/libssl/src/crypto/rsa/rsa_x931.c
+++ b/lib/libssl/src/crypto/rsa/rsa_x931.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_x931.c,v 1.3 2014/07/09 08:20:08 miod Exp $ */
+/* $OpenBSD: rsa_x931.c,v 1.4 2014/07/09 09:07:00 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2005.
  */
@@ -135,7 +135,7 @@ RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from,
 	} else
 		j = flen - 2;
 
-	if (p[j] != 0xCC) {
+	if (j < 0 || p[j] != 0xCC) {
 		RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER);
 		return -1;
 	}