Merge remote-tracking branch 'upstream-public/pr/2751' into mbedtls-2.16

2025-03-28 09:56:56 +00:00 · 2019-08-14 16:00:37 +02:00 · 2019-08-14 16:00:37 +02:00 · b963f23b82
parent c1b621c5cb da2fb42f96
commit b963f23b82
2 changed files with 5 additions and 2 deletions
--- a/3
+++ b/3
@ -20,6 +20,9 @@ Bugfix
     in #2169.
   * Fix undefined memset(NULL) call in test_suite_nist_kw.
   * Make NV seed test support MBEDTLS_ENTROPY_FORCE_SHA256.
+   * Fix propagation of restart contexts in restartable EC operations.
+     This could previously lead to segmentation faults in builds using an
+     address-sanitizer and enabling but not using MBEDTLS_ECP_RESTARTABLE.

 Changes
   * Make it easier to define MBEDTLS_PARAM_FAILED as assert (which config.h
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@ -172,11 +172,11 @@ static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx )
 }
 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */

-#define ECDSA_RS_ECP    &rs_ctx->ecp
+#define ECDSA_RS_ECP    ( rs_ctx == NULL ? NULL : &rs_ctx->ecp )

 /* Utility macro for checking and updating ops budget */
 #define ECDSA_BUDGET( ops )   \
-    MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, &rs_ctx->ecp, ops ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, ECDSA_RS_ECP, ops ) );

 /* Call this when entering a function that needs its own sub-context */
 #define ECDSA_RS_ENTER( SUB )   do {                                 \