From 091016a149efa28e9cf986a81bce5eee417e0c6d Mon Sep 17 00:00:00 2001 From: Kareem Date: Wed, 11 Mar 2026 14:58:09 -0700 Subject: [PATCH] Ensure se050Ctx->used does not overflow in se050_hash_update. Thanks to Arjuna Arya for the report. Fixes #9951. --- wolfcrypt/src/port/nxp/se050_port.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/port/nxp/se050_port.c b/wolfcrypt/src/port/nxp/se050_port.c index 2532dd5fb2..8d6ac5d017 100644 --- a/wolfcrypt/src/port/nxp/se050_port.c +++ b/wolfcrypt/src/port/nxp/se050_port.c @@ -266,9 +266,11 @@ int se050_hash_copy(SE050_HASH_Context* src, SE050_HASH_Context* dst) int se050_hash_update(SE050_HASH_Context* se050Ctx, const byte* data, word32 len) { - byte* tmp = NULL; + byte* tmp = NULL; + word32 tmpSz = 0; - if (se050Ctx == NULL || (len > 0 && data == NULL)) { + if (se050Ctx == NULL || (len > 0 && data == NULL) || + !WC_SAFE_SUM_WORD32(se050Ctx->used, len, tmpSz)) { return BAD_FUNC_ARG; }