Merge remote-tracking branch 'upstream-public/pr/2753' into development

2019-08-14 16:00:11 +02:00 · 2019-08-14 16:00:11 +02:00 · 1435767d2a
commit 1435767d2a
parent 681edbeaa6 bf84d503b3
2 changed files with 5 additions and 2 deletions
--- a/3
+++ b/3
@ -93,6 +93,9 @@ Bugfix
   * Fix the build on ARMv5TE in ARM mode to not use assembly instructions
     that are only available in Thumb mode. Fix contributed by Aurelien Jarno
     in #2169.
+   * Fix propagation of restart contexts in restartable EC operations.
+     This could previously lead to segmentation faults in builds using an
+     address-sanitizer and enabling but not using MBEDTLS_ECP_RESTARTABLE.

 Changes
   * Server's RSA certificate in certs.c was SHA-1 signed. In the default
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@ -172,11 +172,11 @@ static void ecdsa_restart_det_free( mbedtls_ecdsa_restart_det_ctx *ctx )
 }
 #endif /* MBEDTLS_ECDSA_DETERMINISTIC */

-#define ECDSA_RS_ECP    &rs_ctx->ecp
+#define ECDSA_RS_ECP    ( rs_ctx == NULL ? NULL : &rs_ctx->ecp )

 /* Utility macro for checking and updating ops budget */
 #define ECDSA_BUDGET( ops )   \
-    MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, &rs_ctx->ecp, ops ) );
+    MBEDTLS_MPI_CHK( mbedtls_ecp_check_budget( grp, ECDSA_RS_ECP, ops ) );

 /* Call this when entering a function that needs its own sub-context */
 #define ECDSA_RS_ENTER( SUB )   do {                                 \