diff options
author | Tom Gundersen <teg@jklm.no> | 2015-12-28 18:03:34 +0100 |
---|---|---|
committer | Tom Gundersen <teg@jklm.no> | 2016-01-01 16:48:52 +0100 |
commit | ac04adbeb9d0b19e77a715715be24779f7dcf1b2 (patch) | |
tree | 686d829f1f09281d41c66189ed5a8a703a32f154 /src | |
parent | 5809f340fd7e5e6c76e229059c50d92e1f57e8d8 (diff) |
resolved: dnssec - fix off-by-one in RSA key parsing
If the first byte of the key is zero, the key-length is stored in
the second and third byte (not first and second).
Diffstat (limited to 'src')
-rw-r--r-- | src/resolve/resolved-dns-dnssec.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/resolve/resolved-dns-dnssec.c b/src/resolve/resolved-dns-dnssec.c index e4b32c7e4b..6a6aabc18f 100644 --- a/src/resolve/resolved-dns-dnssec.c +++ b/src/resolve/resolved-dns-dnssec.c @@ -238,8 +238,8 @@ static int dnssec_rsa_verify( exponent = (uint8_t*) dnskey->dnskey.key + 3; exponent_size = - ((size_t) (((uint8_t*) dnskey->dnskey.key)[0]) << 8) | - ((size_t) ((uint8_t*) dnskey->dnskey.key)[1]); + ((size_t) (((uint8_t*) dnskey->dnskey.key)[1]) << 8) | + ((size_t) ((uint8_t*) dnskey->dnskey.key)[2]); if (exponent_size < 256) return -EINVAL; |