From 548e2dbf6511cc004c647657e43e848b83a19d2b Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Mon, 2 Jun 2025 14:17:38 +0100 Subject: [PATCH] Built-in lms driver: Added input guard Signed-off-by: Minos Galanakis --- library/lms.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/lms.c b/library/lms.c index 7f7bec068b..4bdfd434ad 100644 --- a/library/lms.c +++ b/library/lms.c @@ -242,6 +242,10 @@ int mbedtls_lms_import_public_key(mbedtls_lms_public_t *ctx, mbedtls_lms_algorithm_type_t type; mbedtls_lmots_algorithm_type_t otstype; + if (key_size < 4) { + return MBEDTLS_ERR_LMS_BAD_INPUT_DATA; + } + type = (mbedtls_lms_algorithm_type_t) MBEDTLS_GET_UINT32_BE(key, PUBLIC_KEY_TYPE_OFFSET); if (type != MBEDTLS_LMS_SHA256_M32_H10) { return MBEDTLS_ERR_LMS_BAD_INPUT_DATA;