fd2d434dd3
Cherry picked from libtommath 7bbc1f8e4fe6dce75055957645117180768efb15.
Vulnerability Detail:
CVE Identifier: CVE-2023-36328
Description: Integer Overflow vulnerability in mp_grow in libtom
libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9,
allows attackers to execute arbitrary code and cause a denial of
service (DoS).
Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-36328
Reported-by: https://github.com/Crispy-fried-chicken
30 lines
583 B
C
30 lines
583 B
C
#include "tommath_private.h"
|
|
#ifdef BN_MP_INIT_SIZE_C
|
|
/* LibTomMath, multiple-precision integer library -- Tom St Denis */
|
|
/* SPDX-License-Identifier: Unlicense */
|
|
|
|
/* init an mp_init for a given size */
|
|
mp_err mp_init_size(mp_int *a, int size)
|
|
{
|
|
|
|
if (size < 0) {
|
|
return MP_VAL;
|
|
}
|
|
|
|
size = MP_MAX(MP_MIN_PREC, size);
|
|
|
|
/* alloc mem */
|
|
a->dp = (mp_digit *) MP_CALLOC((size_t)size, sizeof(mp_digit));
|
|
if (a->dp == NULL) {
|
|
return MP_MEM;
|
|
}
|
|
|
|
/* set the members */
|
|
a->used = 0;
|
|
a->alloc = size;
|
|
a->sign = MP_ZPOS;
|
|
|
|
return MP_OKAY;
|
|
}
|
|
#endif
|