Fix incrementing pointer instead of value

This was introduced by a hasty search-and-replace that didn't account for C's operator precedence when changing those variables to pointer types.
2024-11-25 17:15:42 +01:00 · 2020-01-24 12:11:56 +01:00 · 2020-01-24 12:11:56 +01:00 · aa377cf111
commit aa377cf111
parent c0213a91ab
2 changed files with 11 additions and 3 deletions
--- a/10
+++ b/10
@ -63,7 +63,15 @@ Changes
   * Reduce RAM consumption during session renegotiation by not storing
     the peer CRT chain and session ticket twice.

-= mbed TLS 2.16.x branch released xxxx-xx-xx
+= mbed TLS 2.16.5 branch released xxxx-xx-xx
+
+Security
+   * Fix potential memory overread when performing an ECDSA signature
+     operation. The overread only happens with cryptographically low
+     probability (of the order of 2^-n where n is the bitsize of the curve)
+     unless the RNG is broken, and could result in information disclosure or
+     denial of service (application crash or extra resource consumption).
+     Reported by Peter and Auke (found using static analysis).

 Bugfix
   * Fix an unchecked call to mbedtls_md() in the x509write module.
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@ -297,7 +297,7 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
    *p_sign_tries = 0;
    do
    {
-        if( *p_sign_tries++ > 10 )
+        if( (*p_sign_tries)++ > 10 )
        {
            ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
            goto cleanup;
@ -310,7 +310,7 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
        *p_key_tries = 0;
        do
        {
-            if( *p_key_tries++ > 10 )
+            if( (*p_key_tries)++ > 10 )
            {
                ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
                goto cleanup;