From 6f3623f220b038b19560e85c4d64df37f24d14d7 Mon Sep 17 00:00:00 2001
From: Stanislav Klima <sklima@ra.rockwell.com>
Date: Tue, 18 Feb 2020 09:59:59 +0100
Subject: [PATCH] Moved infinite loop check to the other bad func arg check.

---
 wolfcrypt/src/rsa.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
index af1fdff73..1ed5fda78 100644
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -1596,7 +1596,7 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
     byte   invalid = 0;
 #endif
 
-    if (output == NULL || pkcsBlockLen == 0) {
+    if (output == NULL || pkcsBlockLen == 0 || pkcsBlockLen > 0xFFFF) {
         return BAD_FUNC_ARG;
     }
 
@@ -1624,9 +1624,6 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
         word16 j;
         word16 pastSep = 0;
 
-        if (pkcsBlockLen > 0xFFFF)
-            return RSA_PAD_E;
-
         /* Decrypted with private key - unpad must be constant time. */
         for (i = 0, j = 2; j < pkcsBlockLen; j++) {
            /* Update i if not passed the separator and at separator. */