From 6da2211ee94ed7619fcfef30fcc52c2046bb0601 Mon Sep 17 00:00:00 2001
From: Rob Swindell
Date: Wed, 27 Sep 2017 17:12:19 -0700
Subject: [PATCH] Update rsa_import.c

Bug-fix: MAX_RSA_SIZE is the maximum RSA key size in *bits* (as commented in tomcrypt_custom.h), so the proper conversion to bytes (as the argument value to XCALLOC) would be to divide by 8 (bits per byte), not multiply by 8. This excessive allocation (32 Kbytes instead of 512 bytes) is readily apparent in memory-constrained environments.
---
 src/pk/rsa/rsa_import.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/pk/rsa/rsa_import.c b/src/pk/rsa/rsa_import.c
index 7140a73..4602904 100644
--- a/src/pk/rsa/rsa_import.c
+++ b/src/pk/rsa/rsa_import.c
@@ -40,7 +40,7 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
 }
 /* see if the OpenSSL DER format RSA public key will work */
- tmpbuf_len = MAX_RSA_SIZE * 8;
+ tmpbuf_len = MAX_RSA_SIZE / 8;
 tmpbuf = XCALLOC(1, tmpbuf_len);
 if (tmpbuf == NULL) {
 err = CRYPT_MEM;
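Review bot: The new `tmpbuf_len = MAX_RSA_SIZE / 8;` sizes tmpbuf to exactly one maximum-size modulus, but the comment above it suggests the buffer receives a DER-encoded public key, which also carries the public exponent and the ASN.1 headers. If that reading is right, a key at the MAX_RSA_SIZE limit no longer fits and its import will fail. The decode call is outside this hunk (rsa_import's body continues past it), so this needs confirming against the code that fills tmpbuf. With the 32 KB of slack gone, it is also worth checking that the decoder is passed tmpbuf_len as its bound and returns an error such as CRYPT_BUFFER_OVERFLOW on oversized attacker-supplied input rather than writing past the allocation. Sizing from the input instead, `tmpbuf_len = inlen;`, would keep the allocation small while always being large enough for anything embedded in `in`.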