From 38c34365774c06974d34bf132a5ade275e2d103f Mon Sep 17 00:00:00 2001
From: =?utf8?q?Ulf=20M=C3=B6ller?= <ulf@openssl.org>
Date: Wed, 6 Jun 2001 17:15:47 +0000
Subject: [PATCH] make sure we don't write to seed[-1]

---
 crypto/rsa/rsa_oaep.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index fd0b7f361f..4f3209f021 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -94,6 +94,11 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
 	}
 
     lzero = num - flen;
+    if (lzero < 0)
+    {
+    RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR);
+    return (-1);
+    }
     maskeddb = from - lzero + SHA_DIGEST_LENGTH;
     
     MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
-- 
2.25.1