Merge pull request #6739 from JacobBarthelmeh/fuzzing

additional sanity check with GetIntPositive
Sean Parkinson
2023-08-31 07:11:05 +10:00
committed by GitHub


@@ -3283,8 +3283,21 @@ static int GetIntPositive(mp_int* mpi, const byte* input, word32* inOutIdx,
if (ret != 0) if (ret != 0)
return ret; return ret;
if (((input[idx] & 0x80) == 0x80) && (input[idx - 1] != 0x00)) /* should not be hit but adding in an additional sanity check */
if (idx + length > maxIdx) {
return MP_INIT_E; return MP_INIT_E;
}
if ((input[idx] & 0x80) == 0x80) {
if (idx < 1) {
/* needs at least one byte for length value */
return MP_INIT_E;
}
if (input[idx - 1] != 0x00) {
return MP_INIT_E;
}
}
if (initNum) { if (initNum) {
if (mp_init(mpi) != MP_OKAY) if (mp_init(mpi) != MP_OKAY)
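Review bot: The new bound `if (idx + length > maxIdx)` still lets `idx == maxIdx` through when `length` is 0, so the `input[idx]` read in the following `& 0x80` test can land one byte past the range the check is meant to enforce. The declarations of `idx`, `length` and `maxIdx` are outside the hunk, but if they are 32-bit the sum can also wrap for a large `length`, so a subtraction form is safer: `if (length <= 0 || idx >= maxIdx || (word32)length > maxIdx - idx) return MP_INIT_E;`. Whether the earlier call that sets `ret` already rejects a zero or negative length is not visible here, so confirm that before relying on it. The body of GetIntPositive begins and continues outside this hunk.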