cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

mbedtls_mpi_sub_abs: fix buffer overflow in error case

Browse Source 
Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
|A| - |B| where |B| is larger than |A| and has more limbs (so the
function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE).

Fix #4042

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2021-01-27 22:30:43 +01:00
parent 43e89e1b15
commit c8a9177110
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog.d/mpi_sub_abs.txt Normal file
View File

@ -0,0 +1,7 @@
Security
* Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
|A| - |B| where |B| is larger than |A| and has more limbs (so the
function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
applications calling mbedtls_mpi_sub_abs() directly are affected:
all calls inside the library were safe since this function is
only called with |A| >= |B|. Reported by Guido Vranken in #4042.

6
library/bignum.c
View File

@ -1401,6 +1401,12 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
for( n = B->n; n > 0; n-- ) for( n = B->n; n > 0; n-- )
if( B->p[n - 1] != 0 ) if( B->p[n - 1] != 0 )
break; break;
if( n > A->n )
{
/* B >= (2^ciL)^n > A */
ret = MBEDTLS_ERR_MPI_NEGATIVE_VALUE;
goto cleanup;
}
carry = mpi_sub_hlp( n, X->p, B->p ); carry = mpi_sub_hlp( n, X->p, B->p );
if( carry != 0 ) if( carry != 0 )