bug 356215, r=wtchang, a=dveditz MOZILLA_1_8_0_BRANCH FIREFOX_1_5_0_8_RC1 FIREFOX_1_5_0_8_RC2 FIREFOX_1_5_0_8_RELEASE FIREFOX_1_5_0_9_RC1 FIREFOX_1_5_0_9_RELEASE SEAMONKEY_1_0_6_RELEASE SEAMONKEY_1_0_7_RELEASE THUNDERBIRD_1_5_0_8_RC1 THUNDERBIRD_1_5_0_8_RELEASE THUNDERBIRD_1_5_0_9_RC1 THUNDERBIRD_1_5_0_9_RELEASE
authordveditz%cruzio.com
Mon, 16 Oct 2006 06:01:32 +0000
branchMOZILLA_1_8_0_BRANCH
changeset 7507 c88a943c035e60d2660bfe71c233ac6914fd49dd
parent 7402 b5a7e4bba2c7cf707151ff61c792a9ac471330c0
child 13731 39f302fe7881c694f54c3440af395097703f2f97
push idunknown
push userunknown
push dateunknown
reviewerswtchang, dveditz
bugs356215
bug 356215, r=wtchang, a=dveditz
security/nss/lib/softoken/rsawrapr.c
--- a/security/nss/lib/softoken/rsawrapr.c
+++ b/security/nss/lib/softoken/rsawrapr.c
@@ -484,17 +484,23 @@ RSA_CheckSign(NSSLOWKEYPublicKey *key,
     SECStatus       rv;
     unsigned int    modulus_len = nsslowkey_PublicModulusLen(key);
     unsigned int    i;
     unsigned char * buffer;
 
     modulus_len = nsslowkey_PublicModulusLen(key);
     if (sign_len != modulus_len) 
     	goto failure;
-    if (hash_len > modulus_len - 8) 
+    /*
+     * 0x00 || BT || Pad || 0x00 || ActualData
+     *
+     * The "3" below is the first octet + the second octet + the 0x00
+     * octet that always comes just before the ActualData.
+     */
+    if (hash_len > modulus_len - (3 + RSA_BLOCK_MIN_PAD_LEN)) 
     	goto failure;
     PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
     if (key->keyType != NSSLOWKEYRSAKey)
     	goto failure;
 
     buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
     if (!buffer)
     	goto failure;
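Review bot: The new bound `modulus_len - (3 + RSA_BLOCK_MIN_PAD_LEN)` is evaluated in unsigned arithmetic, so a modulus shorter than the fixed block overhead wraps to a very large value and the `hash_len` check passes instead of failing. Unless key import already rejects such short moduli (not visible here), the `modulus_len - hash_len` expressions in the padding loop and in the `PORT_Memcmp` offset further down would then wrap as well and index outside `buffer`. Guarding the subtraction closes this: `if (modulus_len < 3 + RSA_BLOCK_MIN_PAD_LEN || hash_len > modulus_len - (3 + RSA_BLOCK_MIN_PAD_LEN))`. RSA_CheckSign starts before and continues past this hunk, so the type of `hash_len` is assumed to be unsigned like `modulus_len`.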
@@ -504,21 +510,21 @@ RSA_CheckSign(NSSLOWKEYPublicKey *key,
 	goto loser;
 
     /*
      * check the padding that was used
      */
     if (buffer[0] != 0 || buffer[1] != 1) 
     	goto loser;
     for (i = 2; i < modulus_len - hash_len - 1; i++) {
-	if (buffer[i] == 0) 
-	    break;
 	if (buffer[i] != 0xff) 
 	    goto loser;
     }
+    if (buffer[i] != 0) 
+	goto loser;
 
     /*
      * make sure we get the same results
      */
     if (PORT_Memcmp(buffer + modulus_len - hash_len, hash, hash_len) != 0)
 	goto loser;
 
     PORT_Free(buffer);
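Review bot: The comment above the loop still says only "check the padding that was used", which does not record why the early `break` on a zero octet was removed or why `buffer[i]` is tested after the loop. I would extend it to something like `/* every pad octet up to modulus_len - hash_len - 2 must be 0xff, and the 0x00 separator must be the octet immediately before the data, so nothing can sit between the padding and the hash */`. The post-loop read depends on `i == modulus_len - hash_len - 1` when the loop exits normally, which is worth stating because it is what keeps the index inside `buffer`. The function body begins before and ends after this hunk.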