Better length checking in ecp_point_read_binary()

commit: 67dbe1ef4493b1847d1f68411ed80525322af021 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Tue Jul 08 13:09:24 2014 +0200
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Tue Jul 08 14:20:26 2014 +0200
tree: b70675a4fb94d6843eef70931189719d70da1a21
parent: 4e3e7c294460b90f30b712a4eb3937fff84f7aa7 [diff] [blame]
diff --git a/library/ecp.c b/library/ecp.c
index f9fb34b..e002e3b 100644
--- a/library/ecp.c
+++ b/library/ecp.c

@@ -492,6 +492,9 @@
     int ret;
     size_t plen;
 
+    if ( ilen < 1 )
+        return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
     if( buf[0] == 0x00 )
     {
         if( ilen == 1 )
@@ -529,7 +532,7 @@
     const unsigned char *buf_start;
 
     /*
-     * We must have at least two bytes (1 for length, at least of for data)
+     * We must have at least two bytes (1 for length, at least one for data)
      */
     if( buf_len < 2 )
         return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
commit	67dbe1ef4493b1847d1f68411ed80525322af021	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Tue Jul 08 13:09:24 2014 +0200
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Tue Jul 08 14:20:26 2014 +0200
tree	b70675a4fb94d6843eef70931189719d70da1a21
parent	4e3e7c294460b90f30b712a4eb3937fff84f7aa7 [diff] [blame]