Vulnerability reported by Core Security Technologies. Thanks.
SilcUInt32 dest_data_size,
SilcUInt32 *dest_len)
{
SilcUInt32 dest_data_size,
SilcUInt32 *dest_len)
{
SILC_LOG_DEBUG(("PKCS#1 decoding, bt %d", bt));
SILC_LOG_DEBUG(("PKCS#1 decoding, bt %d", bt));
+ if (i >= data_len) {
+ SILC_LOG_DEBUG(("Malformed block"));
+ return FALSE;
+ }
+ if (i < SILC_PKCS1_MIN_PADDING) {
+ SILC_LOG_DEBUG(("Malformed block"));
+ return FALSE;
+ }
if (data[i++] != 0x00) {
SILC_LOG_DEBUG(("Malformed block"));
return FALSE;
}
if (data[i++] != 0x00) {
SILC_LOG_DEBUG(("Malformed block"));
return FALSE;
}
- if (i - 1 < SILC_PKCS1_MIN_PADDING) {
SILC_LOG_DEBUG(("Malformed block"));
return FALSE;
}
SILC_LOG_DEBUG(("Malformed block"));
return FALSE;
}