yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Validate LMOTS sig length before parsing type

Browse source 
Signed-off-by: Raef Coles <raef.coles@arm.com>
This commit is contained in:
Raef Coles 2022-10-10 16:40:00 +01:00
parent 7726678b23
commit 4829459c90
No known key found for this signature in database
GPG key ID: 1AAF1B43DF2086F4
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
library/lmots.c
View file

@ -552,6 +552,11 @@ int mbedtls_lmots_verify( const mbedtls_lmots_public_t *ctx,
return( MBEDTLS_ERR_LMS_BAD_INPUT_DATA );
}
if( sig_size < MBEDTLS_LMOTS_SIG_TYPE_OFFSET + MBEDTLS_LMOTS_TYPE_LEN )
{
return( MBEDTLS_ERR_LMS_VERIFY_FAILED );
}
if( mbedtls_lms_network_bytes_to_unsigned_int( MBEDTLS_LMOTS_TYPE_LEN,
sig + MBEDTLS_LMOTS_SIG_TYPE_OFFSET ) != MBEDTLS_LMOTS_SHA256_N32_W8 )
{