mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 13:40:49 +02:00
fix F-1238: Integer Overflow in ECDSA Verify Allocation of sig_len + hash_len
This commit is contained in:
@@ -417,6 +417,11 @@ static int km_ecdsa_verify(struct akcipher_request *req)
|
||||
goto ecdsa_verify_end;
|
||||
}
|
||||
|
||||
if ((sig_len + hash_len) != ((word64)sig_len + (word64)hash_len)) {
|
||||
err = -EINVAL;
|
||||
goto ecdsa_verify_end;
|
||||
}
|
||||
|
||||
sig = malloc(sig_len + hash_len);
|
||||
if (unlikely(sig == NULL)) {
|
||||
err = -ENOMEM;
|
||||
|
||||
Reference in New Issue
Block a user