From f65ff03d106f4cfe162bfde4780426b7bbc2e4ee Mon Sep 17 00:00:00 2001
From: Mike DePaulo <mikedep333@gmail.com>
Date: Tue, 7 Jul 2015 08:57:00 -0400
Subject: Update openssl: 1.0.1m -> 1.0.1o

---
 openssl/crypto/rsa/rsa_pmeth.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'openssl/crypto/rsa/rsa_pmeth.c')

diff --git a/openssl/crypto/rsa/rsa_pmeth.c b/openssl/crypto/rsa/rsa_pmeth.c
index d61d6e8b6..6a7c67cdb 100644
--- a/openssl/crypto/rsa/rsa_pmeth.c
+++ b/openssl/crypto/rsa/rsa_pmeth.c
@@ -228,8 +228,14 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
                 return ret;
             ret = sltmp;
         } else if (rctx->pad_mode == RSA_X931_PADDING) {
-            if (!setup_tbuf(rctx, ctx))
+            if ((size_t)EVP_PKEY_size(ctx->pkey) < tbslen + 1) {
+                RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_KEY_SIZE_TOO_SMALL);
+                return -1;
+            }
+            if (!setup_tbuf(rctx, ctx)) {
+                RSAerr(RSA_F_PKEY_RSA_SIGN, ERR_R_MALLOC_FAILURE);
                 return -1;
+            }
             memcpy(rctx->tbuf, tbs, tbslen);
             rctx->tbuf[tbslen] = RSA_X931_hash_id(EVP_MD_type(rctx->md));
             ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf,
-- 
cgit v1.2.3