Merge branch 'misc' into development

Fixes github #358, #362 and IOTSSL-536
2025-07-29 11:41:15 +03:00 · 2015-12-22 18:56:56 +00:00
parent 207990dcf5 1e07562da4
commit fabce5e137
4 changed files with 48 additions and 3 deletions
--- a/library/gcm.c
+++ b/library/gcm.c
@ -362,7 +362,7 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
    /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes
     * Also check for possible overflow */
    if( ctx->len + length < ctx->len ||
-        (uint64_t) ctx->len + length > 0x03FFFFE0ull )
+        (uint64_t) ctx->len + length > 0xFFFFFFFE0ull )
    {
        return( MBEDTLS_ERR_GCM_BAD_INPUT );
    }
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -2584,7 +2584,9 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
    {
        dn_size = crt->subject_raw.len;

-        if( end < p || (size_t)( end - p ) < 2 + dn_size )
+        if( end < p ||
+            (size_t)( end - p ) < dn_size ||
+            (size_t)( end - p ) < 2 + dn_size )
        {
            MBEDTLS_SSL_DEBUG_MSG( 1, ( "skipping CAs: buffer too short" ) );
            break;