aboutsummaryrefslogtreecommitdiffstats
path: root/main/gnutls/cve-2012-1573.patch
blob: b377c391c2edfa8b26d3ebd9017d4f614bea12fb (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
--- ./lib/gnutls_cipher.c.orig
+++ ./lib/gnutls_cipher.c
@@ -515,14 +515,13 @@
 	{
 	  ciphertext.size -= blocksize;
 	  ciphertext.data += blocksize;
-
-	  if (ciphertext.size == 0)
-	    {
-	      gnutls_assert ();
-	      return GNUTLS_E_DECRYPTION_FAILED;
-	    }
 	}
 
+      if (ciphertext.size < hash_size)
+        {
+          gnutls_assert ();
+          return GNUTLS_E_DECRYPTION_FAILED;
+        }
       pad = ciphertext.data[ciphertext.size - 1] + 1;	/* pad */
 
       if ((int) pad > (int) ciphertext.size - hash_size)