Included test for integer underflow.

commit: b8afe1bb2c8fdd3d85d9c5c669bd0b4f45eb65e9 [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Tue Feb 09 14:51:35 2016 +0000
committer: Janos Follath <janos.follath@arm.com> Tue Feb 09 14:51:35 2016 +0000
tree: 7f2c47219af9b3d905f6c1f95741b3ab0cf5cef8
parent: edb1a483971c836e84e95d7b73ee39bd6b450675 [diff] [blame]
diff --git a/library/rsa.c b/library/rsa.c
index fba68dd..881805e 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -720,6 +720,10 @@
      */
     hlen = mbedtls_md_get_size( md_info );
 
+    // checking for integer underflow
+    if( 2 * hlen + 2 > ilen )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
     mbedtls_md_init( &md_ctx );
     mbedtls_md_setup( &md_ctx, md_info, 0 );
commit	b8afe1bb2c8fdd3d85d9c5c669bd0b4f45eb65e9	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Tue Feb 09 14:51:35 2016 +0000
committer	Janos Follath <janos.follath@arm.com>	Tue Feb 09 14:51:35 2016 +0000
tree	7f2c47219af9b3d905f6c1f95741b3ab0cf5cef8
parent	edb1a483971c836e84e95d7b73ee39bd6b450675 [diff] [blame]