Prevent arithmetic overflow on bould check

2024-12-03 19:54:18 +01:00 · 2018-03-14 11:41:47 +01:00 · 2018-03-14 11:41:47 +01:00 · b5609f3ca5
commit b5609f3ca5
parent b3e8f9e2e6
1 changed files with 1 additions and 1 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -2488,7 +2488,7 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
        sig_len = ( p[0] << 8 ) | p[1];
        p += 2;

-        if( end != p + sig_len )
+        if( p != end - sig_len )
        {
            MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
            mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,