Skip to content

Commit 0a03940

Browse files
rizlikrizlik
committed
wolfcrypt: wc_ecc_cmp_param: check string len before strncmp
also return -1 on param mismatch.
1 parent 8970ff4 commit 0a03940

1 file changed

Lines changed: 5 additions & 2 deletions

File tree

wolfcrypt/src/ecc.c

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4279,8 +4279,11 @@ static int wc_ecc_cmp_param(const char* curveParam,
42794279
if (param == NULL || curveParam == NULL)
42804280
return BAD_FUNC_ARG;
42814281

4282-
if (encType == WC_TYPE_HEX_STR)
4283-
return XSTRNCMP(curveParam, (char*) param, paramSz);
4282+
if (encType == WC_TYPE_HEX_STR) {
4283+
if ((word32)XSTRLEN(curveParam) != paramSz)
4284+
return -1;
4285+
return (XSTRNCMP(curveParam, (char*) param, paramSz) == 0) ? 0 : -1;
4286+
}
42844287

42854288
#ifdef WOLFSSL_SMALL_STACK
42864289
a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC);

0 commit comments

Comments
 (0)