Skip to content

Fix integer overflow vulnerability in pkcs1_decode.c (#883)#888

Merged
Legrandin merged 1 commit intoLegrandin:masterfrom
StevenEck:bugfix/integer-overflow-883-
Nov 16, 2025
Merged

Fix integer overflow vulnerability in pkcs1_decode.c (#883)#888
Legrandin merged 1 commit intoLegrandin:masterfrom
StevenEck:bugfix/integer-overflow-883-

Conversation

@StevenEck
Copy link
Copy Markdown
Contributor

@StevenEck StevenEck commented Jul 9, 2025

This commit fixes an integer overflow vulnerability in the pkcs1_decode function. Previously, the code was incrementing the position value returned by safe_search before checking if it was SIZE_T_MAX (error condition). This could lead to an overflow when adding 10 to SIZE_T_MAX, causing the subsequent error check to fail.

The fix ensures we check for the error condition before performing the addition, preventing the potential overflow vulnerability.

Fixes #883

@StevenEck
Fix integer overflow vulnerability in pkcs1_decode.c (Legrandin#883)
7cb841d 
This commit fixes an integer overflow vulnerability in the pkcs1_decode function.
Previously, the code was incrementing the position value returned by safe_search
before checking if it was SIZE_T_MAX (error condition). This could lead to an
overflow when adding 10 to SIZE_T_MAX, causing the subsequent error check to fail.

The fix ensures we check for the error condition before performing the addition,
preventing the potential overflow vulnerability.

Fixes Legrandin#883
@StevenEck StevenEck mentioned this pull request Jul 9, 2025
Closed
@Legrandin Legrandin merged commit fc272f6 into Legrandin:master Nov 16, 2025
38 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

pkcs1_decode potential overflow issue

2 participants

@StevenEck @Legrandin