mirror of
https://github.com/yuzu-emu/mbedtls
synced 2024-11-25 17:45:27 +00:00
Fix other int casts in bounds checking
Not a security issue as here we know the buffer is large enough (unless something else if badly wrong in the code), and the value cast to int is less than 2^16 (again, unless issues elsewhere). Still changing to a more correct check as a matter of principle
This commit is contained in:
parent
4dc9b394d3
commit
bc5e508855
1 changed files with 12 additions and 3 deletions
|
@ -1095,11 +1095,16 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
|
|||
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
|
||||
if( key_ex == MBEDTLS_KEY_EXCHANGE_PSK )
|
||||
{
|
||||
if( end - p < 2 + (int) psk_len )
|
||||
if( end - p < 2 )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
*(p++) = (unsigned char)( psk_len >> 8 );
|
||||
*(p++) = (unsigned char)( psk_len );
|
||||
|
||||
if( end < p || (size_t)( end - p ) < psk_len )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
memset( p, 0, psk_len );
|
||||
p += psk_len;
|
||||
}
|
||||
else
|
||||
|
@ -1167,11 +1172,15 @@ int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exch
|
|||
}
|
||||
|
||||
/* opaque psk<0..2^16-1>; */
|
||||
if( end - p < 2 + (int) psk_len )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
if( end - p < 2 )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
*(p++) = (unsigned char)( psk_len >> 8 );
|
||||
*(p++) = (unsigned char)( psk_len );
|
||||
|
||||
if( end < p || (size_t)( end - p ) < psk_len )
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
memcpy( p, psk, psk_len );
|
||||
p += psk_len;
|
||||
|
||||
|
|
Loading…
Reference in a new issue