asn1_read_value may return error code in a positive integer thus the
previous code could lead to an access to uninitialized value. This is
a regression in the RSA-OAEP support. Spotted by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67300
Signed-off-by: Daiki Ueno <ueno@gnu.org>
size = sizeof(oid);
result = asn1_read_value(root, buffer, oid, &size);
- if (result < 0) {
+ if (result != ASN1_SUCCESS) {
if (result == ASN1_ELEMENT_NOT_FOUND && allow_null)
return 0;
gnutls_assert();
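Review bot: At `if (result != ASN1_SUCCESS)`, the corrected check carries no comment explaining why a sign test is wrong here. A one-line comment stating that asn1_read_value can report errors as positive values would keep a later edit from restoring `result < 0`. A regression test built from the oss-fuzz reproducer would serve the same purpose. Any other asn1_read_value call sites that still test `result < 0` deserve the same change.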
size = sizeof(oid);
result = asn1_read_value(root, buffer, oid, &size);
- if (result < 0) {
+ if (result != ASN1_SUCCESS) {
if (result != ASN1_ELEMENT_NOT_FOUND && allow_null)
return 0;
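Review bot: The inner test on the context line `if (result != ASN1_ELEMENT_NOT_FOUND && allow_null)` uses `!=`, where the otherwise identical block in the previous hunk uses `==`. As written, with allow_null set, every error other than ASN1_ELEMENT_NOT_FOUND returns 0, so the caller sees success even though `oid` was never read, while a missing element does not take the early return. If that is not intended, change it to `result == ASN1_ELEMENT_NOT_FOUND && allow_null`; if it is intended, add a comment explaining why the two sites differ.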