mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 16:10:52 +02:00
Fix potential overflows in two additional hash functions.
Thanks to Arjuna Arya for the report. Fixes #9955.
This commit is contained in:
@@ -1954,6 +1954,11 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
|
||||
int _wc_Hash_Grow(byte** msg, word32* used, word32* len, const byte* in,
|
||||
int inSz, void* heap)
|
||||
{
|
||||
word32 tmpSz = 0;
|
||||
|
||||
if (!WC_SAFE_SUM_WORD32(*used, inSz, tmpSz))
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
if (*len < *used + inSz) {
|
||||
if (*msg == NULL) {
|
||||
*msg = (byte*)XMALLOC(*used + inSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
@@ -75,8 +75,11 @@ static int hashInit(wolfssl_TI_Hash *hash)
|
||||
static int hashUpdate(wolfssl_TI_Hash *hash, const byte* data, word32 len)
|
||||
{
|
||||
void *p;
|
||||
word32 tmpSz = 0;
|
||||
|
||||
if ((hash== NULL) || (data == NULL))return BAD_FUNC_ARG;
|
||||
if ((hash== NULL) || (data == NULL) ||
|
||||
!WC_SAFE_SUM_WORD32(hash->used, len, tmpSz))
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
if (hash->len < hash->used+len) {
|
||||
if (hash->msg == NULL) {
|
||||
|
||||
Reference in New Issue
Block a user