resolved: dnssec - fix off-by-one in RSA key parsing
authorTom Gundersen <teg@jklm.no>
Mon, 28 Dec 2015 17:03:34 +0000 (18:03 +0100)
committerTom Gundersen <teg@jklm.no>
Fri, 1 Jan 2016 15:48:52 +0000 (16:48 +0100)
If the first byte of the key is zero, the key-length is stored in
the second and third byte (not first and second).

src/resolve/resolved-dns-dnssec.c

index e4b32c7e4b01506634ffa2900bf69cb5aeca6b2e..6a6aabc18f7be77878b4d35a64734479417a22bd 100644 (file)
@@ -238,8 +238,8 @@ static int dnssec_rsa_verify(
 
                 exponent = (uint8_t*) dnskey->dnskey.key + 3;
                 exponent_size =
-                        ((size_t) (((uint8_t*) dnskey->dnskey.key)[0]) << 8) |
-                        ((size_t) ((uint8_t*) dnskey->dnskey.key)[1]);
+                        ((size_t) (((uint8_t*) dnskey->dnskey.key)[1]) << 8) |
+                        ((size_t) ((uint8_t*) dnskey->dnskey.key)[2]);
 
                 if (exponent_size < 256)
                         return -EINVAL;
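Review bot: The corrected read indexes `key[1]` and `key[2]`, but nothing visible in this hunk establishes that the DNSKEY key holds at least three bytes before those indexes are used. Because the key material comes from a DNS response, a truncated record could be read past its end at this point. dnssec_rsa_verify starts and ends outside the hunk, so a length check may already exist elsewhere; if it does not, a guard ahead of the read such as `if (dnskey->dnskey.key_size < 3) return -EINVAL;` would cover it, alongside a check that `3 + exponent_size` stays within the key. A comment such as `/* RFC 3110 §2: first octet 0 => exponent length is the big-endian 16-bit value in octets 1..2 */` next to the read would also document why the offsets are 1 and 2.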