From d22a7933d240818d8f1d22ae4daf22d192e968c6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 21 Jan 2020 16:56:03 +0100
Subject: [PATCH 1/4] Add missing return code check on call to mbedtls_md()
---
 library/x509write_csr.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index d6e8c1306..8582a8b20 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -230,7 +230,9 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
 /*
 * Prepare signature
 */
- mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
+ ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
+ if( ret != 0 )
+ return( ret );
 if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, f_rng, p_rng ) ) != 0 )
From f4dd8a9a19b3b958bea927dccfdac10f73e1807b Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Wed, 22 Jan 2020 19:04:19 +0100
Subject: [PATCH 2/4] Add changelog entry for the unchecked mbedtls_md call
---
 ChangeLog | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index c6ec52e7a..240edf953 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
 mbed TLS ChangeLog (Sorted per branch, date)
+= mbed TLS 2.7.x branch released xxxx-xx-xx
+
+Bugfix
+ * Fix an unchecked call to mbedtls_md() in the x509write module.
+
 = mbed TLS 2.7.13 branch released 2020-01-15
 Security
From 0f595f714a9d8de34f93239f1dc12dc8338f50f8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 21 Jan 2020 15:02:14 +0100
Subject: [PATCH 3/4] Remove redundant block_size validity check
Check the value only once, as soon as we've obtained it.
---
 library/cipher.c | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)
diff --git a/library/cipher.c b/library/cipher.c
index bd39e4f09..b4101823c 100644
--- a/library/cipher.c
+++ b/library/cipher.c
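Review bot: In library/x509write_csr.c, the new `if( ret != 0 ) return( ret );` after the mbedtls_md() call has no comment saying what the check protects. If the digest fails (presumably when ctx->md_alg is not a usable digest), `hash` does not hold a digest of the request, and the mbedtls_pk_sign() call in the following context lines would otherwise sign whatever the buffer contains. I would add `/* Never sign unless the digest was computed successfully. */` above the call. As a style point, the next statement uses the `if( ( ret = ... ) != 0 )` form, and the new check could be folded into the same shape. The body of mbedtls_x509write_csr_der() starts and ends outside the hunk, so whether anything must be released before this early return cannot be confirmed from here.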
@@ -282,6 +282,10 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
 *olen = 0;
 block_size = mbedtls_cipher_get_block_size( ctx );
+ if ( 0 == block_size )
+ {
+ return( MBEDTLS_ERR_CIPHER_INVALID_CONTEXT );
+ }
 if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB )
 {
@@ -308,11 +312,6 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
 }
 #endif
- if ( 0 == block_size )
- {
- return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
- }
-
 if( input == output && ( ctx->unprocessed_len != 0 || ilen % block_size ) )
 {
@@ -371,11 +370,6 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
 */
 if( 0 != ilen )
 {
- if( 0 == block_size )
- {
- return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
- }
-
 /* Encryption: only cache partial blocks
 * Decryption w/ padding: always keep at least one whole block
 * Decryption w/o padding: only cache partial blocks
From 16ba09c6214bdabbc4904d60547bd35901c4abb2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 21 Jan 2020 16:30:53 +0100
Subject: [PATCH 4/4] Check that mbedtls_mpi_grow succeeds
---
 tests/suites/test_suite_mpi.function | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function
index 820cde271..f63f2e670 100644
--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@@ -345,8 +345,8 @@ void mbedtls_mpi_lt_mpi_ct( int size_X, char * input_X,
 TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, input_X ) == 0 );
 TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, input_Y ) == 0 );
- mbedtls_mpi_grow( &X, size_X );
- mbedtls_mpi_grow( &Y, size_Y );
+ TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 );
 TEST_ASSERT( mbedtls_mpi_lt_mpi_ct( &X, &Y, &ret ) == input_err );
 if( input_err == 0 )
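Review bot: In library/cipher.c, the relocated `if ( 0 == block_size )` check in mbedtls_cipher_update() now sits ahead of the MBEDTLS_MODE_ECB branch and of the code that ends at the `#endif` in the second hunk. Those paths appear able to return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT where they could not before, while the commit message describes the change only as removing a redundant check. A comment on the new check should say what it protects, for example `/* block_size is used as a divisor below (ilen % block_size); reject 0 before any mode-specific path. */`. The added lines are also written `if ( ... )` with a space, whereas the surrounding context uses `if( ... )`. Only fragments of the function are visible, so the effect on the earlier branches is inferred from hunk order and should be confirmed against the full body.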