From 1215c54754bc3a40efafc74d65c5155923934c22 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Fri, 19 Jun 2020 11:59:49 +0200
Subject: [PATCH] Add length check in ecp_drbg_seed()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

While this is a static function, so right now we know we don't need the check,
things may change in the future, so better be on the safe side.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
---
 library/ecp.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/library/ecp.c b/library/ecp.c
index be9e42d912..7b205160af 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -181,6 +181,12 @@ static int ecp_drbg_seed( ecp_drbg_context *ctx,
     const mbedtls_md_type_t md_type = mbedtls_md_list()[0];
     const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type );
 
+    if( secret_len > MBEDTLS_ECP_MAX_BYTES )
+    {
+        ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+        goto cleanup;
+    }
+
     MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
                                                secret_bytes, secret_len ) );
 
@@ -237,6 +243,12 @@ static int ecp_drbg_seed( ecp_drbg_context *ctx,
     int ret;
     unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
 
+    if( secret_len > MBEDTLS_ECP_MAX_BYTES )
+    {
+        ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
+        goto cleanup;
+    }
+
     MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
                                                secret_bytes, secret_len ) );