Fix potential buffer overflow in mpi_read_string()

Found by Guido Vranken. Two possible integer overflows (during << 2 or addition in BITS_TO_LIMB()) could result in far too few memory to be allocated, then overflowing the buffer in the subsequent for loop. Both integer overflows happen when slen is close to or greater than SIZE_T_MAX >> 2 (ie 2^30 on a 32 bit system). Note: one could also avoid those overflows by changing BITS_TO_LIMB(s << 2) to CHARS_TO_LIMB(s >> 1) but the solution implemented looks more robust with respect to future code changes.
2026-01-07 15:09:28 +01:00 · 2015-09-28 13:48:04 +02:00 · 2015-09-28 13:48:04 +02:00 · 58fb49531d
commit 58fb49531d
parent f592e8eaf6
2 changed files with 16 additions and 2 deletions
--- a/9
+++ b/9
@ -1,5 +1,14 @@
 mbed TLS ChangeLog (Sorted per branch, date)

+= mbed TLS 2.1.2 released 2015-??-??
+
+Security
+   * Fix potential buffer overflow in mbedtls_mpi_read_string().
+     Found by Guido Vranken. Not exploitable remotely in the context of TLS,
+     but might be in other uses. On 32 bit machines, requires reading a string
+     of close to or larger than 1GB to exploit; on 64 bit machines, would require
+     reading a string of close to or larger than 2^62 bytes.
+
 = mbed TLS 2.1.1 released 2015-09-17

 Security