Prevent arithmetic overflow on bounds check
k-stachowiak committed Mar 13, 2018
1 parent a1098f8 commit 027f84c
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion library/ssl_cli.c
Expand Up @@ -2489,7 +2489,7 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
sig_len = ( p[0] << 8 ) | p[1];
p += 2;

if( end != p + sig_len )
if( p != end - sig_len )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
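Review bot: The rewritten condition `p != end - sig_len` still does pointer arithmetic with an attacker-supplied 16-bit length. When `sig_len` is larger than the bytes remaining, `end - sig_len` can point before the start of the buffer, which C leaves undefined just as `p + sig_len` past the end was. Comparing lengths instead of pointers avoids both cases, for example `if( sig_len != (size_t)( end - p ) )`, since `end - p` stays within the buffer as long as `p <= end`. That precondition is not visible in this hunk: `p[0]` and `p[1]` are read and `p` is advanced by 2 before the check, so it is worth confirming that code above these lines guarantees at least two bytes remain. A short comment on the condition explaining why the subtraction form is used would also help keep a later cleanup from reverting it to the addition form.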