From: Martin Willi
Date: Mon, 7 May 2012 11:51:46 +0000 (+0200)
Subject: Fix boolean return value if an empty RSA signature is detected in gmp plugin
X-Git-Tag: 5.0.0~199
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=060b508e0e24425b9bba8d2cda1e672e636f3262;p=thirdparty%2Fstrongswan.git

Fix boolean return value if an empty RSA signature is detected in gmp plugin

Fixes CVE-2012-2388.
---
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
index a7ba80138a..898892f5b8 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
@@ -137,7 +137,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
 if (signature.len == 0 || signature.len > this->k)
 {
- return INVALID_ARG;
+ return FALSE;
 }
 /* unpack signature */
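Review bot: The corrected `return FALSE;` has no comment and the commit adds no regression test, so nothing guards against the same slip coming back; the old `INVALID_ARG` compiled without complaint in a function declared `bool`. A status code that is not zero reads as success to any caller testing the result, which is presumably how an empty signature came to be accepted. I would add `/* bool function: a status_t code such as INVALID_ARG is non-zero and would read as TRUE */` above the return. I would also add a unit test that passes a zero-length signature and one longer than `this->k` and expects FALSE for both. The body of verify_emsa_pkcs1_signature starts and ends outside the hunk, so its other return paths, and other `bool` helpers in the plugin, are worth checking for the same status/boolean mix-up.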