mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 13:25:28 +00:00
Fix 1 byte overread in mbedtls_asn1_get_int()
This commit is contained in:
parent
79f2e87f0c
commit
15fdb7f9ff
|
@ -10,7 +10,10 @@ Bugfix
|
|||
when GCM is used. #441
|
||||
* Fix for key exchanges based on ECDH-RSA or ECDH-ECDSA which weren't
|
||||
enabled unless others were also present. Found by David Fernandez. #428
|
||||
* Fixed configuration of debug output in cert_app sample program.
|
||||
* Fixed cert_app sample program for debug output and for use when no root
|
||||
certificates are provided.
|
||||
* Fix conditional statement that would cause a 1 byte overread in
|
||||
mbedtls_asn1_get_int(). Found and fixed by Guido Vranken.
|
||||
* Fixed the sample applications gen_key.c, cert_req.c and cert_write.c for
|
||||
builds where the configuration POLARSSL_PEM_WRITE_C is not defined. Found
|
||||
by inestlerode. #559.
|
||||
|
|
|
@ -154,7 +154,7 @@ int asn1_get_int( unsigned char **p,
|
|||
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( len > sizeof( int ) || ( **p & 0x80 ) != 0 )
|
||||
if( len == 0 || len > sizeof( int ) || ( **p & 0x80 ) != 0 )
|
||||
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
|
||||
|
||||
*val = 0;
|
||||
|
|
Loading…
Reference in a new issue