Prevent arithmetic overflow on bounds check

commit: c86b880411191c3e56105ea1bcd45314a73d77dc [log] [tgz]
author: Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com> Wed Mar 14 11:50:54 2018 +0100
committer: Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com> Wed Mar 14 14:39:01 2018 +0100
tree: 564f7ff36590fa00f1331e54d13532ab451c67d2
parent: ce0d3ca1282dc599a5c65038a8afc058238d605f [diff] [blame]
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index a126b79..b607fda 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -2246,7 +2246,7 @@
         sig_len = ( p[0] << 8 ) | p[1];
         p += 2;
 
-        if( end != p + sig_len )
+        if( p != end - sig_len )
         {
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
             return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
commit	c86b880411191c3e56105ea1bcd45314a73d77dc	[log] [tgz]
author	Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com>	Wed Mar 14 11:50:54 2018 +0100
committer	Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com>	Wed Mar 14 14:39:01 2018 +0100
tree	564f7ff36590fa00f1331e54d13532ab451c67d2
parent	ce0d3ca1282dc599a5c65038a8afc058238d605f [diff] [blame]