Fix buffer overflow when generating large RSA keys in FIPS mode.
A pairwise test runs only in FIPS mode. An assumption about the size of the 'to' buffer passed to RSA_private_decrypt() was incorrect. It needs to be up to RSA_size() bytes long - so a fixed buffer of 256 bytes was not large enough. An exiting malloc has increased in size to allocate buffer space for both the encrypt and decrypt buffer. The existing test used 2080 bits which was not quite large enough to trigger the issue. A test using 3072 bits has been added. Reported by Mark Powers from Acumen. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15447)
Showing
想要评论请 注册 或 登录