From 5bcb24b56ec39069c75c747555c3d3c259b84f2c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Nov 2019 17:33:29 +0100 Subject: [PATCH] Fix output buffer length check in pk_opaque_sign_wrap --- library/pk_wrap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 7ffb2c0c9b..702c3bbb41 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -1019,7 +1019,7 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, return( mbedtls_psa_err_translate_pk( status ) ); buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( psa_get_key_bits( &attributes ) ); psa_reset_key_attributes( &attributes ); - if( *sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) + if( buf_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); /* make the signature */