Fix in encrypt_decrypt(), check for (in_len <= sizeof orig_data)

2019-04-05 10:38:12 +02:00 · 2019-04-05 10:38:12 +02:00 · 4913feadb8
parent 31831c300b
commit 4913feadb8
1 changed files with 5 additions and 0 deletions
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@ -5361,6 +5361,11 @@ static int encrypt_decrypt(CK_SESSION_HANDLE session,
 		return 0;
 	}

+	if (in_len >= sizeof(orig_data)) {
+		printf("Private key size is too long\n");
+		return 0;
+	}
+
 	EVP_PKEY_CTX *ctx;
 	ctx = EVP_PKEY_CTX_new(pkey, NULL);
 	if (!ctx) {