commit cb37aa5912d9d172dd4f252bed37b7f7447816a8
author Paul Bakker <p.j.bakker@polarssl.org> Wed Nov 30 16:00:20 2011 +0000
committer Paul Bakker <p.j.bakker@polarssl.org> Wed Nov 30 16:00:20 2011 +0000
tree fa8735ff7a42370a0763b0ec6ad51d4818dcf0dc
parent 23fd5ea667fe75a09bc827a0a8a0278009a88e7b

 - Better buffer handling in mpi_read_file()

library/bignum.c

diff --git a/library/bignum.c b/library/bignum.c
index 6591b5b..5920956 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -441,15 +441,19 @@
     size_t slen;
     char *p;
     /*
-     * Buffer should have space for (short) label and hexified MPI and '\0'
+     * Buffer should have space for (short) label and decimal formatted MPI,
+     * newline characters and '\0'
      */
-    char s[ 2 * POLARSSL_MPI_MAX_SIZE + 10 ];
+    char s[ POLARSSL_MPI_READ_BUFFER_SIZE ];
 
     memset( s, 0, sizeof( s ) );
     if( fgets( s, sizeof( s ) - 1, fin ) == NULL )
         return( POLARSSL_ERR_MPI_FILE_IO_ERROR );
 
     slen = strlen( s );
+    if( slen == sizeof( s ) - 2 )
+        return( POLARSSL_ERR_MPI_BUFFER_TOO_SMALL );
+
     if( s[slen - 1] == '\n' ) { slen--; s[slen] = '\0'; }
     if( s[slen - 1] == '\r' ) { slen--; s[slen] = '\0'; }