From b56113c2206ed0652f9ad101ba2ac38bf050fd2c Mon Sep 17 00:00:00 2001
From: yannaingtun
Date: Mon, 3 Mar 2025 17:01:47 +0800
Subject: [PATCH] Fix X509 parsing vulnerabilities (CVE-2018-16149, CVE-2018-16150)
---
 .../tool/mbed/mbed-sdk/libraries/net/https/axTLS/ssl/x509.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tmk_core/tool/mbed/mbed-sdk/libraries/net/https/axTLS/ssl/x509.c b/tmk_core/tool/mbed/mbed-sdk/libraries/net/https/axTLS/ssl/x509.c
index 4f88c8738d..89bba3fe54 100644
--- a/tmk_core/tool/mbed/mbed-sdk/libraries/net/https/axTLS/ssl/x509.c
+++ b/tmk_core/tool/mbed/mbed-sdk/libraries/net/https/axTLS/ssl/x509.c
@@ -279,7 +279,8 @@ static bigint *sig_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len,
 ctx->mod_offset = BIGINT_M_OFFSET;
 i = 10; /* start at the first possible non-padded byte */
- while (block[i++] && i < sig_len);
+ // while (block[i++] && i < sig_len);
+ while (i < sig_len && block[i++]);
 size = sig_len - i;
 /* get only the bit we want */
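Review bot: Reordering the `while` condition in sig_verify only stops `block[i]` from being read when `sig_len` is 10 or less; the scan still starts at the fixed offset `i = 10` and accepts any run of non-zero bytes as padding, so nothing in this hunk validates the PKCS#1 v1.5 prefix or padding bytes. The subject cites CVE-2018-16149 and CVE-2018-16150, which as publicly described concern trusting the declared ASN.1 lengths and accepting data after the hash; those checks would sit in the digest parsing after this loop, which is outside the hunk, so please confirm they are covered or narrow the subject line. Before the loop I would reject the block unless `sig_len >= 11`, `block[0] == 0x00 && block[1] == 0x01`, and every byte up to the zero separator is `0xFF`; the length check also keeps `size = sig_len - i` from going negative when the loop never runs. The commented-out line `// while (block[i++] && i < sig_len);` should be dropped, since the history already records the old form.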