stricter fix for oflow

security/rsaref/patches/patch-ac

@@ -1,42 +1,38 @@
---- rsa.c.orig	Fri Mar 25 14:01:48 1994
-+++ rsa.c	Wed Dec  1 23:01:22 1999
-@@ -33,6 +33,9 @@
+--- rsa.c.orig	Sun Dec 12 13:31:52 1999
++++ rsa.c	Sun Dec 12 13:35:12 1999
+@@ -33,6 +33,8 @@
    unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
    unsigned int i, modulusLen;
    
-+  if (inputLen + 3 > MAX_RSA_MODULUS_LEN)
++  if (publicKey->bits > MAX_RSA_MODULUS_BITS)
 +    return (RE_LEN);
-+
    modulusLen = (publicKey->bits + 7) / 8;
    if (inputLen + 11 > modulusLen)
      return (RE_LEN);
-@@ -78,6 +81,9 @@
+@@ -78,6 +80,8 @@
    unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
    unsigned int i, modulusLen, pkcsBlockLen;
    
-+  if (inputLen > MAX_RSA_MODULUS_LEN)
++  if (publicKey->bits > MAX_RSA_MODULUS_BITS)
 +    return (RE_LEN);
-+
    modulusLen = (publicKey->bits + 7) / 8;
    if (inputLen > modulusLen)
      return (RE_LEN);
-@@ -129,6 +135,9 @@
+@@ -129,6 +133,8 @@
    unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
    unsigned int i, modulusLen;
    
-+  if (inputLen + 3 > MAX_RSA_MODULUS_LEN)
++  if (privateKey->bits > MAX_RSA_MODULUS_BITS)
 +    return (RE_LEN);
-+
    modulusLen = (privateKey->bits + 7) / 8;
    if (inputLen + 11 > modulusLen)
      return (RE_LEN);
-@@ -168,6 +177,9 @@
+@@ -168,6 +174,8 @@
    unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
    unsigned int i, modulusLen, pkcsBlockLen;
    
-+  if (inputLen > MAX_RSA_MODULUS_LEN)
++  if (privateKey->bits > MAX_RSA_MODULUS_BITS)
 +    return (RE_LEN);
-+
    modulusLen = (privateKey->bits + 7) / 8;
    if (inputLen > modulusLen)
      return (RE_LEN);

security/rsaref/pkg/SECURITY

@@ -1,4 +1,4 @@
 
-patch-ac fixes the buffer overflow in RSA{Private,Public}Decrypt(),
+patch-ac fixes the buffer overflow in RSA{Private,Public}{De,En}crypt(),
 as published by CORE SDI in their advisory of Dec. 1, 1999.