pkwrite: add a safety check before calculating the buffer size

commit: 158c3d10d0fafc6aaf83aaf80041e39ce92da299 [log] [tgz]
author: Andrzej Kurek <andrzej.kurek@arm.com> Mon Nov 19 18:09:59 2018 -0500
committer: Andrzej Kurek <andrzej.kurek@arm.com> Thu Nov 22 12:05:08 2018 -0500
tree: 8d6b90593a29d9988214dc28737ed4f09b7f5d0e
parent: 4b1140725871024afe20a1f932bffce2b5cf21f8 [diff] [blame]
diff --git a/library/pkwrite.c b/library/pkwrite.c
index dcd3263..3dfc590 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c

@@ -167,8 +167,13 @@
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE )
     {
-        size_t buffer_size = *p - start;
+        size_t buffer_size;
         psa_key_slot_t* key_slot = (psa_key_slot_t*) key->pk_ctx;
+
+        if ( *p < start )
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+        buffer_size = *p - start;
         if ( psa_export_public_key( *key_slot, start, buffer_size, &len )
              != PSA_SUCCESS )
         {
commit	158c3d10d0fafc6aaf83aaf80041e39ce92da299	[log] [tgz]
author	Andrzej Kurek <andrzej.kurek@arm.com>	Mon Nov 19 18:09:59 2018 -0500
committer	Andrzej Kurek <andrzej.kurek@arm.com>	Thu Nov 22 12:05:08 2018 -0500
tree	8d6b90593a29d9988214dc28737ed4f09b7f5d0e
parent	4b1140725871024afe20a1f932bffce2b5cf21f8 [diff] [blame]