Commit d8541d7e authored by Dr. Stephen Henson's avatar Dr. Stephen Henson Committed by Richard Levitte
Browse files

Add PSS parameter check. 



Avoid seg fault by checking mgf1 parameter is not NULL. This can be
triggered during certificate verification so could be a DoS attack
against a client or a server enabling client authentication.

Thanks to Loïc Jonas Etienne (Qnective AG) for discovering this bug.

CVE-2015-3194

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
parent b29ffa39

crypto/rsa/rsa_ameth.c

+1 −1
Original line number Diff line number Diff line
@@ -279,7 +279,7 @@ static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg, 
    if (pss->maskGenAlgorithm) {

        ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;

        if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1

            && param->type == V_ASN1_SEQUENCE) {

            && param && param->type == V_ASN1_SEQUENCE) {

            p = param->value.sequence->data;

            plen = param->value.sequence->length;

            *pmaskHash = d2i_X509_ALGOR(NULL, &p, plen);