resolved: dnssec - fix off-by-one in RSA key parsing

If the first byte of the key is zero, the key-length is stored in the second and third byte (not first and second).
author: Tom Gundersen <teg@jklm.no> 2015-12-28 18:03:34 +0100
committer: Tom Gundersen <teg@jklm.no> 2016-01-01 16:48:52 +0100
commit: ac04adbeb9d0b19e77a715715be24779f7dcf1b2 (patch)
tree: 686d829f1f09281d41c66189ed5a8a703a32f154
parent: 5809f340fd7e5e6c76e229059c50d92e1f57e8d8 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/src/resolve/resolved-dns-dnssec.c b/src/resolve/resolved-dns-dnssec.c
index e4b32c7e4b..6a6aabc18f 100644
--- a/src/resolve/resolved-dns-dnssec.c
+++ b/src/resolve/resolved-dns-dnssec.c
@@ -238,8 +238,8 @@ static int dnssec_rsa_verify(
 
                 exponent = (uint8_t*) dnskey->dnskey.key + 3;
                 exponent_size =
-                        ((size_t) (((uint8_t*) dnskey->dnskey.key)[0]) << 8) |
-                        ((size_t) ((uint8_t*) dnskey->dnskey.key)[1]);
+                        ((size_t) (((uint8_t*) dnskey->dnskey.key)[1]) << 8) |
+                        ((size_t) ((uint8_t*) dnskey->dnskey.key)[2]);
 
                 if (exponent_size < 256)
                         return -EINVAL;
author	Tom Gundersen <teg@jklm.no>	2015-12-28 18:03:34 +0100
committer	Tom Gundersen <teg@jklm.no>	2016-01-01 16:48:52 +0100
commit	ac04adbeb9d0b19e77a715715be24779f7dcf1b2 (patch)
tree	686d829f1f09281d41c66189ed5a8a703a32f154
parent	5809f340fd7e5e6c76e229059c50d92e1f57e8d8 (diff)