Skip to content

Commit

Permalink
Fixed Potential Integer Overflow in ASN1Reader::Next() Method (#19627)
Browse files Browse the repository at this point in the history
  • Loading branch information
emargolis authored and pull[bot] committed Aug 12, 2022
1 parent 4f16224 commit 2064993
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion src/lib/asn1/ASN1Reader.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,9 @@ CHIP_ERROR ASN1Reader::Next()
ReturnErrorCodeIf(EndOfContents, ASN1_END);
ReturnErrorCodeIf(IndefiniteLen, ASN1_ERROR_UNSUPPORTED_ENCODING);

mElemStart += (mHeadLen + ValueLen);
// Note: avoid using addition assignment operator (+=), which may result in integer overflow
// in the right hand side of an assignment (mHeadLen + ValueLen).
mElemStart = mElemStart + mHeadLen + ValueLen;

ResetElementState();

Expand Down

0 comments on commit 2064993

Please sign in to comment.