mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 23:35:32 +00:00
Add end-of-buffer check to prevent heap-buffer-overflow
Dereference of *p should not happen when it points past the end of the buffer. Internal reference: IOTSSL-1663
This commit is contained in:
parent
32605dc830
commit
b2b29d5259
|
@ -181,6 +181,9 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end,
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
if ( end - *p < 1 )
|
||||||
|
return MBEDTLS_ERR_ASN1_OUT_OF_DATA;
|
||||||
|
|
||||||
/* Tag may be either OID or SEQUENCE */
|
/* Tag may be either OID or SEQUENCE */
|
||||||
params->tag = **p;
|
params->tag = **p;
|
||||||
if( params->tag != MBEDTLS_ASN1_OID
|
if( params->tag != MBEDTLS_ASN1_OID
|
||||||
|
|
Loading…
Reference in a new issue