Prevent arithmetic overflow on bounds check

commit: 0e0afacbc502c01a39ab4322dca6ee8bc93066f9 [log] [tgz]
author: Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com> Wed Mar 14 11:31:53 2018 +0100
committer: Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com> Wed Mar 14 14:35:12 2018 +0100
tree: a217777078d835274ff7a036017174936ee9b944
parent: 7040553a02ac1454a6b73044f9abd36274d34c08 [diff] [blame]
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 7bf9933..5bfcb95 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -1859,7 +1859,7 @@
     len = (*p)[0] << 8 | (*p)[1];
     *p += 2;
 
-    if( (*p) + len > end )
+    if( (*p) > end -len )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
                                     "(psk_identity_hint length)" ) );
commit	0e0afacbc502c01a39ab4322dca6ee8bc93066f9	[log] [tgz]
author	Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com>	Wed Mar 14 11:31:53 2018 +0100
committer	Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com>	Wed Mar 14 14:35:12 2018 +0100
tree	a217777078d835274ff7a036017174936ee9b944
parent	7040553a02ac1454a6b73044f9abd36274d34c08 [diff] [blame]