yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-06-02 18:00:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add end-of-buffer check to prevent heap-buffer-overflow

Browse source 
Dereference of *p should not happen when it points past the end of the
buffer.

Internal reference: IOTSSL-1663
This commit is contained in:
Sanne Wouda 2017-08-21 15:58:12 +01:00
parent 1fe5e8ab44
commit 073a070590
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
library/pkparse.c
View file

@ -175,6 +175,10 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end,
{ {
int ret; int ret;
if ( end - *p < 1 )
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_OUT_OF_DATA );
/* Tag may be either OID or SEQUENCE */ /* Tag may be either OID or SEQUENCE */
params->tag = **p; params->tag = **p;
if( params->tag != MBEDTLS_ASN1_OID if( params->tag != MBEDTLS_ASN1_OID