From df1f7b4b0241ac52f6a67af0521566d857e8f038 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Bodo=20M=C3=B6ller?=
Date: Thu, 17 Jul 2008 22:11:24 +0000
Subject: [PATCH] We should check the eight bytes starting at p[-9] for rollback attack detection, or the probability for an erroneous RSA_R_SSLV3_ROLLBACK_ATTACK will be larger than necessary.

PR: 1695
---
 crypto/rsa/rsa_ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c
index ea72629494..cfeff15bc9 100644
--- a/crypto/rsa/rsa_ssl.c
+++ b/crypto/rsa/rsa_ssl.c
@@ -130,7 +130,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
 			RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
 			return(-1);
 			}
-		for (k= -8; k<0; k++)
+		for (k = -9; k<-1; k++)
 			{
 			if (p[k] != 0x03) break;
 			}
-- 
2.25.1
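Review bot: The new loop bounds `-9` and `-1` are magic offsets whose meaning depends on where `p` was left by the padding scan and on the `k == -1` test that follows, both of which lie outside this hunk; a comment on the `for` line would make the window explicit, e.g. `/* p points just past the 0x00 terminator; p[-9..-2] are the eight padding bytes before it. Loop exits with k == -1 only if all eight are 0x03. */`. The preceding `i < 8` check (only its error branch is visible here) appears to be what guarantees that p[-9] lies inside the input block, so the comment should name that dependency so a later edit to either check keeps them in step. Note also that the loop exits on the first non-0x03 byte, so its timing varies with the padding contents; the commit does not address that, and it is worth a `NOTE(review)` next to the loop if constant-time padding checks are a goal for this function. RSA_padding_check_SSLv23 begins and ends outside the hunk.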