gmp: Fix RSA signature verification for m >= n
authorTobias Brunner <tobias@strongswan.org>
Mon, 29 May 2017 09:59:34 +0000 (11:59 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 14 Aug 2017 06:49:33 +0000 (08:49 +0200)
commitef5c37fcdf47273feea320091598135688df4ef7
treea17fceab947c3779dd5378dcd5233f5508f0905c
parentd35183e33e149606119eb11ea7ce853bd0efd328
gmp: Fix RSA signature verification for m >= n

By definition, m must be <= n-1, we didn't enforce that and because
mpz_export() returns NULL if the passed value is zero a crash could have
been triggered with m == n.

Fixes CVE-2017-11185.
src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c