TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 8cf6d31f548bb5ad306ea51a50e8adc401b04f1b^2..8cf6d31f548bb5ad306ea51a50e8adc401b04f1b / .
commit8cf6d31f548bb5ad306ea51a50e8adc401b04f1b[log] [tgz]
authorSimon Butcher <simon.butcher@arm.com>Thu Feb 02 09:15:05 2017 +0000
committerSimon Butcher <simon.butcher@arm.com>Thu Feb 02 09:15:05 2017 +0000
tree2ac7658ae2c0809c61da967011bf453ec3c45df7
parent0289920d1209af6806f69f90cced9a088d09fa4b [diff]
parent3e3698ca307b0991c573a007e0d773b48c83e862 [diff]
Merge branch fix-base64-arithmetic-overflows

Fix potential integer overflows in the function mbedtls_base64_decode().
This overflow would mainly be exploitable in 32-bit systems and could
cause buffer bound checks to be bypassed.

diff --git a/ChangeLog b/ChangeLog
index 124d056..6622fb5 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,8 +1,14 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
-= mbed TLS 1.x.x branch released xxxx-xx-xx
+= mbed TLS 1.3.x branch released xxxx-xx-xx
 
 Bugfix
+   * Fixed potential arithmetic overflow in mbedtls_ctr_drbg_reseed() that could
+     cause buffer bound checks to be bypassed. Found by Eyal Itkin.
+   * Fixed potential arithmetic overflows in mbedtls_cipher_update() that could
+     cause buffer bound checks to be bypassed. Found by Eyal Itkin.
+   * Fixed potential arithmetic overflow in mbedtls_md2_update() that could
+     cause buffer bound checks to be bypassed. Found by Eyal Itkin.
    * Fixed potential arithmetic overflow in mbedtls_base64_decode() that could
      cause buffer bound checks to be bypassed. Found by Eyal Itkin.
 

diff --git a/library/cipher.c b/library/cipher.c
index b69d331..7ea25cf 100644
--- a/library/cipher.c
+++ b/library/cipher.c

@@ -315,9 +315,9 @@
          * If there is not enough data for a full block, cache it.
          */
         if( ( ctx->operation == POLARSSL_DECRYPT &&
-                ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) ||
+                ilen <= cipher_get_block_size( ctx ) - ctx->unprocessed_len ) ||
              ( ctx->operation == POLARSSL_ENCRYPT &&
-                ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) )
+                ilen < cipher_get_block_size( ctx ) - ctx->unprocessed_len ) )
         {
             memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
                     ilen );

diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 24adff0..7b315e8 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c

@@ -277,7 +277,8 @@
     unsigned char seed[CTR_DRBG_MAX_SEED_INPUT];
     size_t seedlen = 0;
 
-    if( ctx->entropy_len + len > CTR_DRBG_MAX_SEED_INPUT )
+    if( ctx->entropy_len > CTR_DRBG_MAX_SEED_INPUT ||
+        len > CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
         return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
 
     memset( seed, 0, CTR_DRBG_MAX_SEED_INPUT );

diff --git a/library/md2.c b/library/md2.c
index 110cd95..2ac7eba 100644
--- a/library/md2.c
+++ b/library/md2.c

@@ -155,7 +155,7 @@
 
     while( ilen > 0 )
     {
-        if( ctx->left + ilen > 16 )
+        if( ilen > 16 - ctx->left )
             fill = 16 - ctx->left;
         else
             fill = ilen;

diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index da3376e..5000431 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt

@@ -31,7 +31,7 @@
 if(OPENSSL_FOUND)
     add_executable(o_p_test o_p_test.c)
     include_directories(${OPENSSL_INCLUDE_DIR})
-    target_link_libraries(o_p_test ${libs} ${OPENSSL_LIBRARIES})
+    target_link_libraries(o_p_test ${libs} ${OPENSSL_LIBRARIES} ${CMAKE_DL_LIBS})
 
     install(TARGETS o_p_test
         DESTINATION "bin"