From 5b8fda1ac68f7fb79394aaed5ff3ebc828beca71 Mon Sep 17 00:00:00 2001
From: philljj <43195615+philljj@users.noreply.github.com>
Date: Fri, 10 Feb 2023 10:46:37 -0600
Subject: [PATCH] Fix overflow in fp_to_unsigned_bin_len length check. (#6075)

* Fix overflow in fp_to_unsigned_bin_len length check.
* Add a second check when i == a->used - 1.
---
 wolfcrypt/src/tfm.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c
index 542da61d5..9efcd822e 100644
--- a/wolfcrypt/src/tfm.c
+++ b/wolfcrypt/src/tfm.c
@@ -3834,7 +3834,10 @@ int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c)
   for (; x >= 0; x--) {
      b[x] = 0;
   }
-  if ((i < a->used - 1) || ((a->dp[i] >> j) != 0)) {
+  if (i < a->used - 1) {
+      return FP_VAL;
+  }
+  if ((i == a->used - 1) && ((a->dp[i] >> j) != 0)) {
       return FP_VAL;
   }