1
0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-10-25 04:35:59 +08:00

Fix NULL+0 in addition 0 + 0

Fix undefined behavior (typically harmless in practice) of
mbedtls_mpi_add_mpi(), mbedtls_mpi_add_abs() and mbedtls_mpi_add_int() when
both operands are 0 and the left operand is represented with 0 limbs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
2022-11-15 22:59:00 +01:00
parent cab02f6bc8
commit 103cf59e46
2 changed files with 9 additions and 0 deletions

View File

@@ -0,0 +1,4 @@
Bugfix
* Fix undefined behavior (typically harmless in practice) of
mbedtls_mpi_add_mpi(), mbedtls_mpi_add_abs() and mbedtls_mpi_add_int()
when both operands are 0 and the left operand is represented with 0 limbs.

View File

@@ -1130,6 +1130,11 @@ int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
if( B->p[j - 1] != 0 ) if( B->p[j - 1] != 0 )
break; break;
/* Exit early to avoid undefined behavior on NULL+0 when X->n == 0
* and B is 0 (of any size). */
if( j == 0 )
return( 0 );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
o = B->p; p = X->p; c = 0; o = B->p; p = X->p; c = 0;