TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 4749007f6488dfcc7b78649e510f725c28ae3fd2^! / . / library / ssl_ticket.c
commit4749007f6488dfcc7b78649e510f725c28ae3fd2[log] [tgz]
authorDavid Horstmann <david.horstmann@arm.com>Wed Dec 06 17:22:53 2023 +0000
committerDavid Horstmann <david.horstmann@arm.com>Wed Dec 06 17:22:53 2023 +0000
tree18d7d497878a5dd4c1fa1d938b3fd9eb2bac8029
parentd9c69d12acebe89dbdc023e66d25c05d84725aa0 [diff] [blame]
Fix possible integer overflows before widening

When calculating a result to go into an mbedtls_ms_time_t, make sure
that arithmetic is performed at the final size to prevent overflow.

Signed-off-by: David Horstmann <david.horstmann@arm.com>

diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 8e7c145..cd730fb 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c

@@ -510,7 +510,8 @@
         }
 #endif
 
-        mbedtls_ms_time_t ticket_lifetime = ctx->ticket_lifetime * 1000;
+        mbedtls_ms_time_t ticket_lifetime =
+            (mbedtls_ms_time_t) ctx->ticket_lifetime * 1000;
 
         if (ticket_age < 0 || ticket_age > ticket_lifetime) {
             ret = MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED;