Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation
when verifying RSA signatures, which requires decryption with the operation m^e mod n,
where m is the signature, and e and n are the exponent and modulus of the public key.
The value m is an integer between 0 and n-1, however, the gmp plugin did not verify this.
So if m equals n the calculation results in 0, in which case mpz_export() returns NULL.
This result wasn't handled properly causing a null-pointer dereference.
This vulnerability has been registered as CVE-2017-11185.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
projects / ipfire-3.x.git / commit
