You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jun 11, 2026. It is now read-only.
In file File https://github.com/microsoft/RIoT/blob/master/Reference/RIoT/RIoTCrypt/derenc.c, line 291:
negative = Val[numLeadingZeros] >= 128;
This function is called by DerAddInteger like this:
long valx = htonl(Val); // TODO: REMOVE USAGE
int res = DERAddIntegerFromArray(Context, (uint8_t*)&valx, 4);
suppose long is 32 bytes and the value of Val is 0, then numLeadingzeros = 4,
so Val[4] is read, but this is the 5th byte, so out of bounds