Skip to content

Commit

Permalink
Fix 1-byte buffer overflow in mbedtls_mpi_write_string()
Browse files Browse the repository at this point in the history
This can only occur for negative numbers. Fixes Mbed-TLS#2404.
  • Loading branch information
Hanno Becker authored and yanesca committed Mar 6, 2019
1 parent 3a70ab9 commit eff335d
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions library/bignum.c
Original file line number Diff line number Diff line change
Expand Up @@ -572,7 +572,10 @@ int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix,
mbedtls_mpi_init( &T );

if( X->s == -1 )
{
*p++ = '-';
buflen--;
}

if( radix == 16 )
{
Expand Down

0 comments on commit eff335d

Please sign in to comment.