Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

uECC_vli_mmod: Avoid potential buffer overrun #182

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

uECC_vli_mmod: Avoid potential buffer overrun #182

wants to merge 1 commit into from

Conversation

kjbracey
Copy link

The shifting copy of mod into mod_multiple would overrun the destination if the high word of mod was zero, so word_shift > num_words.

This is not the case for any curve p or n, but this part of the code is written as if to support arbitrary mod, comment disclaimer notwithstanding.

Issue was detected via a static analysis tool.

Alternative would be to reduce the genericness and just use vli_numDigits on the high word to get bit_shift, and use num_words as word_shift.

@kjbracey
uECC_vli_mmod: Avoid potential buffer overrun
3fc9fb4 
The shifting copy of `mod` into `mod_multiple` would overrun the
destination if the high word of `mod` was zero, so `word_shift` >
`num_words`.

This is not the case for any curve p or n, but this part of the code is
written as if to support arbitrary `mod`, comment disclaimer
notwithstanding.

Issue was detected via a static analysis tool.

Alternative would be to reduce the genericness and just use
`vli_numDigits` on the high word to get `bit_shift`, and use `num_words`
as `word_shift`.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@kjbracey