Bug 1234206 - Check for zero length padding to avoid a mod by zero error r=mt,ttaubert
authorKelby Ludwig <kelbyludwig@gmail.com>
Thu, 14 Jan 2016 06:22:09 +1100
changeset 11811 9c91bc99ba4cee2baa50c7fba3755cb57b25a698
parent 11810 033b052235cb6c83484bb6fa7eee8dd25d8f13b8
child 11812 0a86bfa3a3bfc7afa18bcb251a098088acbcb81f
push id931
push usermartin.thomson@gmail.com
push dateWed, 13 Jan 2016 19:23:19 +0000
reviewersmt, ttaubert
bugs1234206
Bug 1234206 - Check for zero length padding to avoid a mod by zero error r=mt,ttaubert
lib/smime/cmscipher.c
--- a/lib/smime/cmscipher.c
+++ b/lib/smime/cmscipher.c
@@ -688,18 +688,22 @@ NSS_CMSCipherContext_Encrypt(NSSCMSCiphe
 
 	pcount = input_len - ifraglen;
 	PORT_Assert (pcount < bsize);
 	if (pcount)
 	    PORT_Memcpy (pbuf, input + ifraglen, pcount);
     }
 
     if (final) {
-	padlen = padsize - (pcount % padsize);
-	PORT_Memset (pbuf + pcount, padlen, padlen);
+	if (padsize <= 0) {
+	    padlen = 0;
+	} else {
+	    padlen = padsize - (pcount % padsize);
+	    PORT_Memset (pbuf + pcount, padlen, padlen);
+	}
 	rv = (* cc->doit) (cc->cx, output, &ofraglen, max_output_len,
 			    pbuf, pcount+padlen);
 	if (rv != SECSuccess)
 	    return rv;
 
 	/*
 	 * For now anyway, all of our ciphers have the same number of
 	 * bytes of output as they do input.  If this ever becomes untrue,