[Fix] Do not assert if length of sig is bad, just fail verification

author: Vsevolod Stakhov <vsevolod@highsecure.ru> 2019-06-07 16:02:17 +0100
committer: Vsevolod Stakhov <vsevolod@highsecure.ru> 2019-06-07 16:15:28 +0100
commit: 2c8baef8f0dc257d6321b1ed55dc8ffea7e76864 (patch)
tree: a501ae3ecadde2ae4a0ba1179c90ab4b97ec1e59 /src/libcryptobox
parent: 8e1c9b1e7c1144abff211c93736164f9311d929f (diff)
download: rspamd-2c8baef8f0dc257d6321b1ed55dc8ffea7e76864.tar.gz
rspamd-2c8baef8f0dc257d6321b1ed55dc8ffea7e76864.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/src/libcryptobox/cryptobox.c b/src/libcryptobox/cryptobox.c
index 7cd5e1b13..4d42ddb38 100644
--- a/src/libcryptobox/cryptobox.c
+++ b/src/libcryptobox/cryptobox.c
@@ -590,8 +590,9 @@ rspamd_cryptobox_verify (const guchar *sig,
 	bool ret = false;
 
 	if (G_LIKELY (mode == RSPAMD_CRYPTOBOX_MODE_25519)) {
-		g_assert (siglen == rspamd_cryptobox_signature_bytes (RSPAMD_CRYPTOBOX_MODE_25519));
-		ret = ed25519_verify (sig, m, mlen, pk);
+		if (siglen == rspamd_cryptobox_signature_bytes (RSPAMD_CRYPTOBOX_MODE_25519)) {
+			ret = ed25519_verify (sig, m, mlen, pk);
+		}
 	}
 	else {
 #ifndef HAVE_USABLE_OPENSSL
author	Vsevolod Stakhov <vsevolod@highsecure.ru>	2019-06-07 16:02:17 +0100
committer	Vsevolod Stakhov <vsevolod@highsecure.ru>	2019-06-07 16:15:28 +0100
commit	2c8baef8f0dc257d6321b1ed55dc8ffea7e76864 (patch)
tree	a501ae3ecadde2ae4a0ba1179c90ab4b97ec1e59 /src/libcryptobox
parent	8e1c9b1e7c1144abff211c93736164f9311d929f (diff)
download	rspamd-2c8baef8f0dc257d6321b1ed55dc8ffea7e76864.tar.gz rspamd-2c8baef8f0dc257d6321b1ed55dc8ffea7e76864.zip