Included test for integer underflow.

commit: 3bed13df1ce2466edc0b441427c122265deed509 [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Tue Feb 09 14:51:35 2016 +0000
committer: Simon Butcher <simon.butcher@arm.com> Wed May 18 19:58:40 2016 +0100
tree: 43c9c5c5962be4f7f40067fbcfeb58a64a5ebc0f
parent: 6483af8e42a6ea62cbf2964473ee95f942757041 [diff] [blame]
diff --git a/library/rsa.c b/library/rsa.c
index fd33b53..154fa58 100644
--- a/library/rsa.c
+++ b/library/rsa.c

@@ -717,8 +717,12 @@
      */
     hlen = md_get_size( md_info );
 
-    md_init( &md_ctx );
-    md_init_ctx( &md_ctx, md_info );
+    // checking for integer underflow
+    if( 2 * hlen + 2 > ilen )
+        return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
+
+    mbedtls_md_init( &md_ctx );
+    mbedtls_md_setup( &md_ctx, md_info, 0 );
 
     /* Generate lHash */
     md( md_info, label, label_len, lhash );
commit	3bed13df1ce2466edc0b441427c122265deed509	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Tue Feb 09 14:51:35 2016 +0000
committer	Simon Butcher <simon.butcher@arm.com>	Wed May 18 19:58:40 2016 +0100
tree	43c9c5c5962be4f7f40067fbcfeb58a64a5ebc0f
parent	6483af8e42a6ea62cbf2964473ee95f942757041 [diff] [blame]