internal authenticate input check

2012-06-07 13:59:13 +09:00
parent 39a3cb8b09
commit ee743ca042
2 changed files with 12 additions and 0 deletions
--- a/src/openpgp.c
+++ b/src/openpgp.c
@@ -744,6 +744,8 @@ cmd_pso (void)
  DEBUG_INFO ("PSO done.\r\n");
 }

+
+#define MAX_DIGEST_INFO_LEN 102 /* 40% */
 static void
 cmd_internal_authenticate (void)
 {
@@ -763,6 +765,13 @@ cmd_internal_authenticate (void)
 	  return;
 	}

+      if (len > MAX_DIGEST_INFO_LEN)
+	{
+	  DEBUG_INFO ("input is too long.");
+	  GPG_CONDITION_NOT_SATISFIED ();
+	  return;
+	}
+
      r = rsa_sign (apdu.cmd_apdu_data, res_APDU, len,
 		    &kd[GPG_KEY_FOR_AUTHENTICATION]);
      if (r < 0)