Please sign in to comment.
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Reject invalid PSS parameters.
Fix a bug where invalid PSS parameters are not rejected resulting in a NULL pointer exception. This can be triggered during certificate verification so could be a DoS attack against a client or a server enabling client authentication. Thanks to Brian Carpenter for reporting this issues. CVE-2015-0208 Reviewed-by: Tim Hudson <email@example.com>
- Loading branch information
Showing with 2 additions and 1 deletion.
- +2 −1 crypto/rsa/rsa_ameth.c