mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-24 15:01:09 +00:00
Fix undefined behavior in unsigned-to-signed conversion
The code assumed that `int x = - (unsigned) u` with 0 <= u < INT_MAX sets `x` to the negative of u, but actually this calculates (UINT_MAX - u) and then converts this value to int, which overflows. Cast to int before applying the unary minus operator to guarantee the desired behavior.
This commit is contained in:
parent
996f30d381
commit
e3be8d672e
|
@ -1155,7 +1155,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
|
||||||
* - OUTPUT_TOO_LARGE if the padding is good but the decrypted
|
* - OUTPUT_TOO_LARGE if the padding is good but the decrypted
|
||||||
* plaintext does not fit in the output buffer.
|
* plaintext does not fit in the output buffer.
|
||||||
* - 0 if the padding is correct. */
|
* - 0 if the padding is correct. */
|
||||||
ret = - if_int( bad, - MBEDTLS_ERR_RSA_INVALID_PADDING,
|
ret = - (int) if_int( bad, - MBEDTLS_ERR_RSA_INVALID_PADDING,
|
||||||
if_int( output_too_large, - MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE,
|
if_int( output_too_large, - MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE,
|
||||||
0 ) );
|
0 ) );
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue