From de6079af8e60fc07ad64747db3e2731388305f53 Mon Sep 17 00:00:00 2001
From: Andres AG
Date: Mon, 24 Oct 2016 11:23:36 +0100
Subject: [PATCH] Fix buffer overreads in mbedtls_pem_read_buffer()
---
 ChangeLog | 3 +++
 library/pem.c | 20 +++++++++++---------
 2 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 316c5def2..80c9c09a4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,6 +13,9 @@ Bugfix
 * Fix unused variable/function compilation warnings in pem.c and x509_csr.c that are reported when building mbed TLS with a config.h that does not define POLARSSL_PEM_PARSE_C. Found by omnium21. #562
+ * Fixed multiple buffer overreads in mbedtls_pem_read_buffer() when parsing
+ the input string in pem format to extract the different components. Found
+ by Eyal Itkin.
 = mbed TLS 1.3.18 branch 2016-10-17
diff --git a/library/pem.c b/library/pem.c
index ac8311691..b2c16c292 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -250,7 +250,7 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
 enc = 0;
- if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
+ if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
 {
 #if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
 ( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
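Review bot: The length 22 is written twice on the added `if` line in library/pem.c, once in the bounds check and once in the `memcmp`, so a later edit to the string literal can leave the guard and the read out of step. Deriving the length from the literal ties them together, but it must stay signed: `s2 - s1` is a pointer difference, and comparing it against a bare `sizeof` would convert a negative difference to a large unsigned value that passes the guard. Something like `#define PEM_LIT_LEN( s ) ( (ptrdiff_t)( sizeof( s ) - 1 ) )` used in both places would do. The same pairing of hand-counted literals recurs in the `DEK-Info:` comparisons of the hunks at -263,22 and -286,9. pem_read_buffer starts and ends outside this hunk, so whether `s1` can already be past `s2` on entry is not visible here.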
@@ -263,22 +263,22 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
 #if defined(POLARSSL_DES_C)
- if( memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
+ if( s2 - s1 >= 23 && memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
 {
 enc_alg = POLARSSL_CIPHER_DES_EDE3_CBC;
 s1 += 23;
- if( pem_get_iv( s1, pem_iv, 8 ) != 0 )
+ if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8 ) != 0 )
 return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
 s1 += 16;
 }
- else if( memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
+ else if( s2 - s1 >= 18 && memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
 {
 enc_alg = POLARSSL_CIPHER_DES_CBC;
 s1 += 18;
- if( pem_get_iv( s1, pem_iv, 8) != 0 )
+ if( s2 - s1 < 16 || pem_get_iv( s1, pem_iv, 8) != 0 )
 return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
 s1 += 16;
@@ -286,9 +286,11 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
 #endif /* POLARSSL_DES_C */
 #if defined(POLARSSL_AES_C)
- if( memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
+ if( s2 - s1 >= 14 && memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
 {
- if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
+ if( s2 - s1 < 22 )
+ return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG );
+ else if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
 enc_alg = POLARSSL_CIPHER_AES_128_CBC;
 else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 )
 enc_alg = POLARSSL_CIPHER_AES_192_CBC;
@@ -298,7 +300,7 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
 return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG );
 s1 += 22;
- if( pem_get_iv( s1, pem_iv, 16 ) != 0 )
+ if( s2 - s1 < 32 || pem_get_iv( s1, pem_iv, 16 ) != 0 )
 return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
 s1 += 32;
@@ -317,7 +319,7 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
 ( POLARSSL_AES_C || POLARSSL_DES_C ) */
 }
- if( s1 == s2 )
+ if( s1 >= s2 )
 return( POLARSSL_ERR_PEM_INVALID_DATA );
 len = 0;
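Review bot: In both DES branches of the hunk at -263,22 the IV guard `s2 - s1 < 16` has to be kept in step by hand with the `8` passed to `pem_get_iv` and with the `s1 += 16` that follows, and the AES hunk at -298,7 repeats the pattern with `32` and `16`. pem_get_iv is not shown on this page, but these calls suggest it consumes two hex characters per IV byte. The more robust shape is to pass it the remaining length (`s2 - s1`) so it rejects short input itself and a future caller cannot omit the guard. If its signature must stay, a comment such as `/* IV is hex-encoded: 2 * 8 input bytes must remain before s2 */` above each check would record the relation.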
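Review bot: Nothing in this commit exercises the new guards, since the diffstat lists only ChangeLog and library/pem.c; the `s1 >= s2` check in the hunk at -317,7 and the length checks in the earlier hunks therefore have no regression test. Worth adding are PEM inputs that end right after `Proc-Type: 4,ENCRYPTED`, inside a `DEK-Info:` line, and inside the IV, each asserting the matching POLARSSL_ERR_PEM_* return value and run under AddressSanitizer or Valgrind so an overread fails the test. The changed line would also benefit from a comment such as `/* s1 may have been advanced up to or past s2 while skipping the header fields */`. That wording is inferred, because part of the code that advances `s1` lies outside the hunks shown.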