Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2013-06-22 11:20:53 +0400
committerPeter Dettman <peter.dettman@bouncycastle.org>2013-06-22 11:20:53 +0400
commit4c9a11fbeb5a95c407c00bfe33f1b836078378ce (patch)
treeef905fca69c10e91b8eb1d855bd75068db799fda /core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java
parentd80f2c89d6953c0d2587e2985451b6ff44b35365 (diff)
Add checks on various lengths to make sure they aren't overflowing their
type
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java')
-rw-r--r--core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java12
1 files changed, 9 insertions, 3 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java
index 890e7280..07c223a3 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java
@@ -64,7 +64,9 @@ public class TlsECCUtils
}
ByteArrayOutputStream buf = new ByteArrayOutputStream();
- TlsUtils.writeUint16(2 * namedCurves.length, buf);
+ int length = 2 * namedCurves.length;
+ TlsUtils.checkUint16(length);
+ TlsUtils.writeUint16(length, buf);
TlsUtils.writeUint16Array(namedCurves, buf);
return buf.toByteArray();
}
@@ -91,7 +93,8 @@ public class TlsECCUtils
}
ByteArrayOutputStream buf = new ByteArrayOutputStream();
- TlsUtils.writeUint8((short) ecPointFormats.length, buf);
+ TlsUtils.checkUint8(ecPointFormats.length);
+ TlsUtils.writeUint8(ecPointFormats.length, buf);
TlsUtils.writeUint8Array(ecPointFormats, buf);
return buf.toByteArray();
}
@@ -524,7 +527,9 @@ public class TlsECCUtils
TlsUtils.writeUint8(ECCurveType.explicit_char2, output);
ECCurve.F2m f2m = (ECCurve.F2m) curve;
- TlsUtils.writeUint16(f2m.getM(), output);
+ int m = f2m.getM();
+ TlsUtils.checkUint16(m);
+ TlsUtils.writeUint16(m, output);
if (f2m.isTrinomial())
{
@@ -570,6 +575,7 @@ public class TlsECCUtils
}
TlsUtils.writeUint8(ECCurveType.named_curve, output);
+ TlsUtils.checkUint16(namedCurve);
TlsUtils.writeUint16(namedCurve, output);
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-07 11:14:55 +0300