feedc0de/esp-idf
1
0
Fork 0
forked from espressif/esp-idf
Code Pull Requests Activity

mbedtls: Prevent arithmetic overflow on bounds check

Browse Source 
Part of the patch for CVE-2018-9989.
Cherry-picked from 5224a7544c.
Ref. https://github.com/espressif/esp-idf/issues/1860
This commit is contained in:
Ivan Grokhotkov
2018-04-19 11:50:11 +08:00
parent f58c664e2b
commit ffab6084f0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
components/mbedtls/library/ssl_cli.c
View File

@@ -2052,7 +2052,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
len = (*p)[0] << 8 | (*p)[1]; len = (*p)[0] << 8 | (*p)[1];
*p += 2; *p += 2;
if( (*p) + len > end ) if( (*p) > end - len )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message " MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
"(psk_identity_hint length)" ) ); "(psk_identity_hint length)" ) );