From e726aa4946aa6f933acecb6389534bb0c1ea82d5 Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Mon, 8 Feb 2016 14:52:29 +0000
Subject: [PATCH] Included tests for the overflow

---
 library/rsa.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/library/rsa.c b/library/rsa.c
index fba68ddfc..3cb92f40c 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -529,7 +529,8 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
     olen = ctx->len;
     hlen = mbedtls_md_get_size( md_info );
 
-    if( olen < ilen + 2 * hlen + 2 )
+    // first comparison checks for overflow
+    if( ilen + 2 * hlen + 2 < ilen || olen < ilen + 2 * hlen + 2 )
         return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
 
     memset( output, 0, olen );
@@ -594,8 +595,9 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
         return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
 
     olen = ctx->len;
-
-    if( olen < ilen + 11 )
+    
+    // first comparison checks for overflow
+    if( ilen + 11 < ilen || olen < ilen + 11 )
         return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
 
     nb_pad = olen - 3 - ilen;