Re: [Linux-stable-mirror] [PATCH] crypto: rsa - fix buffer overread when stripping leading zeroes

Eric Biggers ebiggers3@gmail.com wrote:

In rsa_get_n(), if the buffer contained all 0's and "FIPS mode" is enabled, we would read one byte past the end of the buffer while scanning the leading zeroes. Fix it by checking 'n_sz' before '!*ptr'.

Reviewed-by: David Howells dhowells@redhat.com