Fix boolean return value if an empty RSA signature is detected in gmp plugin

Fixes CVE-2012-2388.
author: Martin Willi <martin@revosec.ch> 2012-05-07 13:51:46 +0200
committer: Tobias Brunner <tobias@strongswan.org> 2012-05-31 17:38:59 +0200
commit: 060b508e0e24425b9bba8d2cda1e672e636f3262 (patch)
tree: 3e0b322ff2035b067acc14e5735f8480bfb6354b /src
parent: 77e42826437661b4fd1f54068eeb2803987f577f (diff)
download: strongswan-060b508e0e24425b9bba8d2cda1e672e636f3262.tar.bz2
strongswan-060b508e0e24425b9bba8d2cda1e672e636f3262.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
index a7ba80138..898892f5b 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
@@ -137,7 +137,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
 
 	if (signature.len == 0 || signature.len > this->k)
 	{
-		return INVALID_ARG;
+		return FALSE;
 	}
 
 	/* unpack signature */
author	Martin Willi <martin@revosec.ch>	2012-05-07 13:51:46 +0200
committer	Tobias Brunner <tobias@strongswan.org>	2012-05-31 17:38:59 +0200
commit	060b508e0e24425b9bba8d2cda1e672e636f3262 (patch)
tree	3e0b322ff2035b067acc14e5735f8480bfb6354b /src
parent	77e42826437661b4fd1f54068eeb2803987f577f (diff)
download	strongswan-060b508e0e24425b9bba8d2cda1e672e636f3262.tar.bz2 strongswan-060b508e0e24425b9bba8d2cda1e672e636f3262.tar.xz