ChangeLog.d/mpi_sub_abs.txt - mirror/mbed-tls - TrustedFirmware Git Browser

 Security
    * Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
      |A| - |B| where |B| is larger than |A| and has more limbs (so the
      function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
      applications calling mbedtls_mpi_sub_abs() directly are affected:
      all calls inside the library were safe since this function is
      only called with |A| >= |B|. Reported by Guido Vranken in #4042.
	Security
	* Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
	\|A\| - \|B\| where \|B\| is larger than \|A\| and has more limbs (so the
	function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
	applications calling mbedtls_mpi_sub_abs() directly are affected:
	all calls inside the library were safe since this function is
	only called with \|A\| >= \|B\|. Reported by Guido Vranken in #4042.