X-Git-Url: http://git.silc.fi/gitweb/?p=crypto.git;a=blobdiff_plain;f=lib%2Fsilccrypt%2Fsilcpkcs1.c;h=653a4d891fbd8d42aa014ff3763b83e14ccd6553;hp=347addecbfd59d06647d2b1d67848f7591857a80;hb=2b4204c0a1a276bc9e25d21d18a8e5ad358428b4;hpb=bbb398e17e9fea91bab6ba551bddee1e48bf318e

diff --git a/lib/silccrypt/silcpkcs1.c b/lib/silccrypt/silcpkcs1.c
index 347addec..653a4d89 100644
--- a/lib/silccrypt/silcpkcs1.c
+++ b/lib/silccrypt/silcpkcs1.c
@@ -107,7 +107,7 @@ SilcBool silc_pkcs1_decode(SilcPkcs1BlockType bt,
 			   SilcUInt32 dest_data_size,
 			   SilcUInt32 *dest_len)
 {
-  int i = 0;
+  SilcUInt32 i = 0;
 
   SILC_LOG_DEBUG(("PKCS#1 decoding, bt %d", bt));
 
@@ -140,12 +140,20 @@ SilcBool silc_pkcs1_decode(SilcPkcs1BlockType bt,
   }
 
   /* Sanity checks */
+  if (i >= data_len) {
+    SILC_LOG_DEBUG(("Malformed block, too short message"));
+    return FALSE;
+  }
+  if (i < SILC_PKCS1_MIN_PADDING) {
+    SILC_LOG_DEBUG(("Malformed block, too short padding"));
+    return FALSE;
+  }
   if (data[i++] != 0x00) {
     SILC_LOG_DEBUG(("Malformed block"));
     return FALSE;
   }
-  if (i - 1 < SILC_PKCS1_MIN_PADDING) {
-    SILC_LOG_DEBUG(("Malformed block"));
+  if (i >= data_len) {
+    SILC_LOG_DEBUG(("Malformed block, too short message"));
     return FALSE;
   }
   if (dest_data_size < data_len - i) {