yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-10-19 02:11:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add mpi_sub_abs negative tests with a larger-in-size second operand

Browse source 
Add test cases for mbedtls_mpi_sub_abs() where the second operand has
more limbs than the first operand (which, if the extra limbs are not
all zero, implies that the function returns
MBEDTLS_ERR_MPI_NEGATIVE_VALUE).

This exposes a buffer overflow (reported in #4042).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2021-01-27 22:24:30 +01:00
parent 53943ca434
commit 43e89e1b15
1 changed files with 16 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
tests/suites/test_suite_mpi.data
View file

@ -484,18 +484,30 @@ mbedtls_mpi_add_int:10:"20395687835640197740576586692903457728019399331434826309
Test mbedtls_mpi_add_int #2
mbedtls_mpi_add_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097"
Base test mbedtls_mpi_sub_abs #1 (Test with larger second input)
Base test mbedtls_mpi_sub_abs #1 (|B| > |A|)
mbedtls_mpi_sub_abs:10:"5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_sub_abs #2 (Test with larger second input)
Base test mbedtls_mpi_sub_abs #2 (|B| > |A|)
mbedtls_mpi_sub_abs:10:"-5":10:"-7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_sub_abs #3 (Test with larger second input)
Base test mbedtls_mpi_sub_abs #3 (|B| > |A|)
mbedtls_mpi_sub_abs:10:"-5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_sub_abs #4 (Test with larger second input)
Base test mbedtls_mpi_sub_abs #4 (|B| > |A|)
mbedtls_mpi_sub_abs:10:"5":10:"-7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_sub_abs #1 (|B| >> |A| with more limbs)
mbedtls_mpi_sub_abs:10:"5":16:"123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_sub_abs #2 (|B| >> |A| with more limbs)
mbedtls_mpi_sub_abs:10:"-5":16:"-123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_sub_abs #3 (|B| >> |A| with more limbs)
mbedtls_mpi_sub_abs:10:"-5":16:"123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_sub_abs #4 (|B| >> |A| with more limbs)
mbedtls_mpi_sub_abs:10:"5":16:"-123456789abcdef01":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
Base test mbedtls_mpi_sub_abs #1
mbedtls_mpi_sub_abs:10:"7":10:"5":10:"2":0