mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

APPS/pkeyutl: strengthen error message on too long sign/verify input

Browse Source 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22910)
This commit is contained in:
Dr. David von Oheimb 2024-10-29 19:41:02 +01:00
parent 50c0241de2
commit 1ee906143c
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
apps/pkeyutl.c
View File

@ -490,12 +490,14 @@ int pkeyutl_main(int argc, char **argv)
/* Sanity check the input if the input is not raw */
if (!rawin
&& buf_inlen > EVP_MAX_MD_SIZE
&& (pkey_op == EVP_PKEY_OP_SIGN
|| pkey_op == EVP_PKEY_OP_VERIFY)) {
BIO_printf(bio_err,
"Error: The input data looks too long to be a hash\n");
goto end;
&& (pkey_op == EVP_PKEY_OP_SIGN || pkey_op == EVP_PKEY_OP_VERIFY
|| pkey_op == EVP_PKEY_OP_VERIFYRECOVER)) {
if (buf_inlen > EVP_MAX_MD_SIZE) {
BIO_printf(bio_err,
"Error: The non-raw input data length %d is too long - max supported hashed size is %d\n",
buf_inlen, EVP_MAX_MD_SIZE);
goto end;
}
}
if (pkey_op == EVP_PKEY_OP_VERIFY) {