Resolved in ba2de73b185016e0a98e62f75b368ab6ae673919 for master (1.1.0). This
isn't really a bug so we won't be backporting to stable branches, though.
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On Wed, Nov 18, 2015 at 03:24:51PM +, Özgan, Tolgahan Jonas via RT wrote:
> Dear List,
> I have found a BUG in the function
> " RSA_padding_check_PKCS1_type_1 "
[...]
>
> the pointer p is incremented after the check therefore p is always the first
> octet of the padded string. In the Case of
Dear List,
I have found a BUG in the function
" RSA_padding_check_PKCS1_type_1 "
The bug is reproducible in OpenSSL Versions 1.0.1e , 1.0.1p , 1.0.1k and also
in 1.0.2d (these are the versions I've tried) . After Inspecting the source
code the bug can still be found in the actual development