Check LMS offsets are sane at runtime Signed-off-by: Raef Coles <raef.coles@arm.com>

commit: 1fb2f32ef5485962e0334dbbb397b3114a18dba6 [log] [tgz]
author: Raef Coles <raef.coles@arm.com> Mon Oct 10 11:23:07 2022 +0100
committer: Raef Coles <raef.coles@arm.com> Thu Oct 13 14:29:31 2022 +0100
tree: 01943412f823da9a2d11b5e8d14371df6f4dd44b
parent: e34e3c0e599ef9551e675042b797562f3b43269c [diff] [blame]
diff --git a/library/lms.c b/library/lms.c
index adba195..296adce 100644
--- a/library/lms.c
+++ b/library/lms.c

@@ -733,6 +733,12 @@
      */
     ctx->q_next_usable_key += 1;
 
+    if ( MBEDTLS_LMS_SIG_LEN(ctx->params.type, ctx->params.otstype)
+         < SIG_OTS_SIG_OFFSET )
+    {
+        return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;
+    }
+
     ret = mbedtls_lmots_sign( &ctx->ots_private_keys[q_leaf_identifier],
                               f_rng, p_rng, msg, msg_size,
                               sig + SIG_OTS_SIG_OFFSET,
commit	1fb2f32ef5485962e0334dbbb397b3114a18dba6	[log] [tgz]
author	Raef Coles <raef.coles@arm.com>	Mon Oct 10 11:23:07 2022 +0100
committer	Raef Coles <raef.coles@arm.com>	Thu Oct 13 14:29:31 2022 +0100
tree	01943412f823da9a2d11b5e8d14371df6f4dd44b
parent	e34e3c0e599ef9551e675042b797562f3b43269c [diff] [blame]