feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

additional sanity check with GetIntPositive

Browse Source
This commit is contained in:
JacobBarthelmeh
2023-08-29 15:43:01 -07:00
parent 70c362f680
commit 1ada2e6a43
1 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
wolfcrypt/src/asn.c
View File

@@ -3283,8 +3283,21 @@ static int GetIntPositive(mp_int* mpi, const byte* input, word32* inOutIdx,
if (ret != 0) if (ret != 0)
return ret; return ret;
if (((input[idx] & 0x80) == 0x80) && (input[idx - 1] != 0x00)) /* should not be hit but adding in an additional sanity check */
if (idx + length > maxIdx) {
return MP_INIT_E; return MP_INIT_E;
}
if ((input[idx] & 0x80) == 0x80) {
if (idx < 1) {
/* needs at least one byte for length value */
return MP_INIT_E;
}
if (input[idx - 1] != 0x00) {
return MP_INIT_E;
}
}
if (initNum) { if (initNum) {
if (mp_init(mpi) != MP_OKAY) if (mp_init(mpi) != MP_OKAY)