Merge pull request #3007 from mpg/fix-ecdsa-pointer-inc
[Backport 2.16] Fix incrementing pointer instead of value
commit
b0deeccc58
10
ChangeLog
10
ChangeLog
|
@ -1,5 +1,15 @@
|
|||
mbed TLS ChangeLog (Sorted per branch, date)
|
||||
|
||||
= mbed TLS 2.16.5 branch released xxxx-xx-xx
|
||||
|
||||
Security
|
||||
* Fix potential memory overread when performing an ECDSA signature
|
||||
operation. The overread only happens with cryptographically low
|
||||
probability (of the order of 2^-n where n is the bitsize of the curve)
|
||||
unless the RNG is broken, and could result in information disclosure or
|
||||
denial of service (application crash or extra resource consumption).
|
||||
Reported by Peter and Auke (found using static analysis).
|
||||
|
||||
= mbed TLS 2.16.4 branch released 2020-01-15
|
||||
|
||||
Security
|
||||
|
|
|
@ -297,7 +297,7 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
|
|||
*p_sign_tries = 0;
|
||||
do
|
||||
{
|
||||
if( *p_sign_tries++ > 10 )
|
||||
if( (*p_sign_tries)++ > 10 )
|
||||
{
|
||||
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
|
||||
goto cleanup;
|
||||
|
@ -310,7 +310,7 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
|
|||
*p_key_tries = 0;
|
||||
do
|
||||
{
|
||||
if( *p_key_tries++ > 10 )
|
||||
if( (*p_key_tries)++ > 10 )
|
||||
{
|
||||
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
|
||||
goto cleanup;
|
||||
|
|
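Review bot: The guard `if( (*p_sign_tries)++ > 10 )` tests the counter before the post-increment takes effect, so with the counter reset to 0 just above it the loop allows eleven passes rather than ten, and the same bare `10` is repeated in the `p_key_tries` guard of the second hunk. A one-line comment such as `/* counter is tested before it is incremented: gives up on the 12th pass */`, or a single named constant shared by both guards, would make the intended bound explicit. Per the ChangeLog entry, a second pass is reached only with negligible probability unless the RNG is broken, so ordinary test runs are unlikely to exercise the iteration where the old expression read past the counter. No test change is visible on this page; if the retry path can be forced in the test suite, a case that expects `MBEDTLS_ERR_ECP_RANDOM_FAILED` after the limit would pin this fix. The body of `ecdsa_sign_restartable` starts and ends outside both hunks.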