Google Git
Sign in
pigweed/third_party/github/ARMmbed/mbedtls/5224a7544c95552553e2e6be0b4a789956a6464e^!/./library
commit
5224a7544c95552553e2e6be0b4a789956a6464e
[log]
author
Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com>
Tue Mar 13 11:31:38 2018 +0100
committer
Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com>
Tue Mar 13 11:31:38 2018 +0100
tree
877afc19ebdc4e195f3cd3bb3df17486fc6458a0
parent
740b218386083dc708ce98ccc94a63a95cd5629e [diff]
Prevent arithmetic overflow on bounds check

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 585750e..759a456 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -2066,7 +2066,7 @@
     len = (*p)[0] << 8 | (*p)[1];
     *p += 2;
 
-    if( (*p) + len > end )
+    if( (*p) > end - len )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
                                     "(psk_identity_hint length)" ) );