cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add length check in ecp_drbg_seed()

Browse Source 
While this is a static function, so right now we know we don't need the check,
things may change in the future, so better be on the safe side.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2020-06-19 11:59:49 +02:00
parent 4539a45cbf
commit 1215c54754
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
library/ecp.c
View File

@ -181,6 +181,12 @@ static int ecp_drbg_seed( ecp_drbg_context *ctx,
const mbedtls_md_type_t md_type = mbedtls_md_list()[0];
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type );
if( secret_len > MBEDTLS_ECP_MAX_BYTES )
{
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
secret_bytes, secret_len ) );
@ -237,6 +243,12 @@ static int ecp_drbg_seed( ecp_drbg_context *ctx,
int ret;
unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
if( secret_len > MBEDTLS_ECP_MAX_BYTES )
{
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
secret_bytes, secret_len ) );