Skip to content

Commit

Permalink
Prevent arithmetic overflow on bounds check
Browse files Browse the repository at this point in the history
  • Loading branch information
@k-stachowiak
k-stachowiak committed Mar 13, 2018
1 parent 740b218 commit 5224a75
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion library/ssl_cli.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2066,7 +2066,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
len = (*p)[0] << 8 | (*p)[1];
*p += 2;

if( (*p) + len > end )
if( (*p) > end - len )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
"(psk_identity_hint length)" ) );
Expand Down

0 comments on commit 5224a75

Please sign in to comment.