| commit | 027f84c69f4ef30c0693832a6c396ef19e563ca1 | [log] [tgz] |
|---|---|---|
| author | Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com> | Tue Mar 13 11:29:24 2018 +0100 |
| committer | Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com> | Tue Mar 13 11:29:24 2018 +0100 |
| tree | d15d500b41496f405018f79eb993794cbd61b53c | |
| parent | a1098f81c252b317ad34ea978aea2bc47760b215 [diff] [blame] |
Prevent arithmetic overflow on bounds check
diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 279a127..df6abc3 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c
@@ -2489,7 +2489,7 @@ sig_len = ( p[0] << 8 ) | p[1]; p += 2; - if( end != p + sig_len ) + if( p != end - sig_len ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,