Fix integer overflows in buffer bound checks
Fix potential integer overflows in the following functions:
* mbedtls_md2_update() to be bypassed and cause
* mbedtls_cipher_update()
* mbedtls_ctr_drbg_reseed()
This overflows would mainly be exploitable in 32-bit systems and could
cause buffer bound checks to be bypassed.
diff --git a/library/cipher.c b/library/cipher.c
index b69d331..7ea25cf 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -315,9 +315,9 @@
* If there is not enough data for a full block, cache it.
*/
if( ( ctx->operation == POLARSSL_DECRYPT &&
- ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) ||
+ ilen <= cipher_get_block_size( ctx ) - ctx->unprocessed_len ) ||
( ctx->operation == POLARSSL_ENCRYPT &&
- ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) )
+ ilen < cipher_get_block_size( ctx ) - ctx->unprocessed_len ) )
{
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
ilen );
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 24adff0..7b315e8 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -277,7 +277,8 @@
unsigned char seed[CTR_DRBG_MAX_SEED_INPUT];
size_t seedlen = 0;
- if( ctx->entropy_len + len > CTR_DRBG_MAX_SEED_INPUT )
+ if( ctx->entropy_len > CTR_DRBG_MAX_SEED_INPUT ||
+ len > CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( seed, 0, CTR_DRBG_MAX_SEED_INPUT );
diff --git a/library/md2.c b/library/md2.c
index 110cd95..2ac7eba 100644
--- a/library/md2.c
+++ b/library/md2.c
@@ -155,7 +155,7 @@
while( ilen > 0 )
{
- if( ctx->left + ilen > 16 )
+ if( ilen > 16 - ctx->left )
fill = 16 - ctx->left;
else
fill = ilen;