mpi: Explicitly limit the allowed input length for gcry_mpi_scan.
author Werner Koch <wk@gnupg.org>
Fri, 1 Apr 2016 11:42:01 +0000 (13:42 +0200)
committer Werner Koch <wk@gnupg.org>
Fri, 1 Apr 2016 11:49:01 +0000 (13:49 +0200)
commit 862cf19a119427dd7ee7959a36c72d905f5ea5ca
tree 1b1dfe4e823e4faf11639e5aa06d90d0c0e1a02a
parent fcce0cb6e8af70b134c6ecc3f56afa07a7d31f27
mpi: Explicitly limit the allowed input length for gcry_mpi_scan.

* mpi/mpicoder.c (MAX_EXTERN_SCAN_BYTES): New.
(mpi_fromstr): Check against this limit.
(_gcry_mpi_scan): Ditto.
* tests/mpitests.c (test_maxsize): New.
(main): Call that test.
--

A too large buffer length may lead to an unsigned integer overflow on
systems where size_t > unsigned int (i.e. 64 bit systems).  The
computation of the required number of nlimbs may also be affected by
this.  However this is not a real world case because any processing
which has allocated such a long buffer from an external source would
be prone to other DoS attacks: The required buffer length to exhibit
this overflow is at least 2^32 - 8 bytes.

Signed-off-by: Werner Koch <wk@gnupg.org>
doc/gcrypt.texi
mpi/mpicoder.c
tests/mpitests.c
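The width hazard the commit message describes, as an added example that is not libgcrypt's code: a limb-count computation that narrows the caller's size_t length beside one that enforces a byte limit first. The 8-byte limb and the cap value are assumptions for this example; the real MAX_EXTERN_SCAN_BYTES value is not shown on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumptions for this example (not libgcrypt's definitions): a 64-bit limb
 * and an arbitrary cap on how many bytes gcry_mpi_scan-style input may have.
 * The real MAX_EXTERN_SCAN_BYTES value is not shown on this page. */
#define LIMB_BYTES          8U
#define MAX_SCAN_BYTES_DEMO (16u * 1024u * 1024u)

/* Hazard from the commit message: the caller's size_t length is narrowed to
 * unsigned int, and the round-up to whole limbs is then done in 32-bit
 * arithmetic. With buflen = 2^32 - 4, nbytes + 7 wraps to 3 and the
 * function reports 0 limbs for a 4 GiB buffer. */
static unsigned int nlimbs_unchecked(size_t buflen)
{
    unsigned int nbytes = (unsigned int)buflen;          /* narrowing */
    return (nbytes + LIMB_BYTES - 1U) / LIMB_BYTES;      /* may wrap */
}

/* Fix in the spirit of the commit: reject oversized input before any
 * narrowing so the limb computation never sees a length near 2^32.
 * Returns the limb count, or -1 when the input exceeds the limit. */
static long nlimbs_checked(size_t buflen)
{
    if (buflen > MAX_SCAN_BYTES_DEMO)
        return -1;
    /* Arithmetic stays in size_t; the result is small, so the cast is safe. */
    return (long)((buflen + LIMB_BYTES - 1U) / LIMB_BYTES);
}

int main(void)
{
    size_t huge = (size_t)0xFFFFFFFCULL;   /* 2^32 - 4 bytes, constructed */
    printf("17 bytes     -> unchecked %u limbs, checked %ld\n",
           nlimbs_unchecked(17), nlimbs_checked(17));
    printf("2^32-4 bytes -> unchecked %u limbs, checked %ld\n",
           nlimbs_unchecked(huge), nlimbs_checked(huge));
    return 0;
}
```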