8 lines
423 B
Plaintext
Executable File
8 lines
423 B
Plaintext
Executable File
Security
|
|
* Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
|
|
|A| - |B| where |B| is larger than |A| and has more limbs (so the
|
|
function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
|
|
applications calling mbedtls_mpi_sub_abs() directly are affected:
|
|
all calls inside the library were safe since this function is
|
|
only called with |A| >= |B|. Reported by Guido Vranken in #4042.
|