Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-01-06 06:28:56 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix missing bound check

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-11-25 17:41:50 +01:00 committed by Paul Bakker
parent f5f25b3a0d
commit 5cb4b31057
3 changed files with 16 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
library/ctr_drbg.c
View file

@ -137,6 +137,9 @@ static int block_cipher_df( unsigned char *output,
int i, j;
size_t buf_len, use_len;
if( data_len > CTR_DRBG_MAX_SEED_INPUT )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( buf, 0, CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16 );
aes_init( &aes_ctx );
@ -256,6 +259,11 @@ void ctr_drbg_update( ctr_drbg_context *ctx,
if( add_len > 0 )
{
/* MAX_INPUT would be more logical here, but we have to match
* block_cipher_df()'s limits since we can't propagate errors */
if( add_len > CTR_DRBG_MAX_SEED_INPUT )
add_len = CTR_DRBG_MAX_SEED_INPUT;
block_cipher_df( add_input, additional, add_len );
ctr_drbg_update_internal( ctx, add_input );
}