mbedtls/library
Sanne Wouda 073a070590 Add end-of-buffer check to prevent heap-buffer-overflow
Dereference of *p should not happen when it points past the end of the
buffer.

Internal reference: IOTSSL-1663
2017-09-13 11:52:03 +01:00
..
.gitignore
aes.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
aesni.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
arc4.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
asn1parse.c Fix 1 byte overread in mbedtls_asn1_get_int() 2016-10-12 17:45:29 +01:00
asn1write.c Fix potential double free in cert writing code 2015-12-10 11:24:35 +01:00
base64.c Add comment to integer overflow fix in base64.c 2017-02-20 21:51:18 +00:00
bignum.c Merge remote-tracking branch 'hanno/mpi_read_file_underflow_backport-2.1' into mbedtls-2.1 2017-06-08 19:51:19 +02:00
blowfish.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
camellia.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
ccm.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
certs.c X.509 self-tests: replaced SHA-1 certificates by SHA-256 2017-06-06 19:08:23 +02:00
cipher_wrap.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
cipher.c Fix integer overflows in buffer bound checks 2017-02-20 21:49:01 +00:00
CMakeLists.txt Update version number to 2.1.9 2017-08-10 11:51:47 +01:00
ctr_drbg.c Fix integer overflows in buffer bound checks 2017-02-20 21:49:01 +00:00
debug.c Fix macroization of inline in C++ 2015-10-05 11:41:36 +01:00
des.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
dhm.c Backport 2.1: Check rc of mbedtls_mpi_fill_random 2017-07-20 01:25:53 +02:00
ecdh.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
ecdsa.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
ecp_curves.c ECP: Prevent freeing a buffer on stack 2017-02-28 18:56:35 +00:00
ecp.c Backport 2.1: Check rc of mbedtls_mpi_fill_random 2017-07-20 01:25:53 +02:00
entropy_poll.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
entropy.c Rename time and index parameter to avoid name conflict. 2017-07-28 22:14:55 +01:00
error.c Only return VERIFY_FAILED from a single point 2017-07-28 12:20:48 +01:00
gcm.c Backport 2.1: check if iv is zero in gcm. 2017-07-20 00:30:44 +02:00
havege.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
hmac_drbg.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
Makefile Make ar invocation more portable 2016-01-08 14:52:14 +01:00
md2.c Fix integer overflows in buffer bound checks 2017-02-20 21:49:01 +00:00
md4.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
md5.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
md_wrap.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
md.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
memory_buffer_alloc.c Fixes memory leak in memory_buffer_alloc.c debug 2016-05-05 17:51:09 +01:00
net.c Clarify Comments and Fix Typos (#651) 2017-02-25 19:44:47 +00:00
oid.c Fix typo in an OID name 2015-11-02 05:58:10 +09:00
padlock.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pem.c Fix unused variable/function compilation warnings 2017-02-25 19:48:32 +00:00
pk_wrap.c Fix data loss in unsigned int cast in PK 2017-02-25 20:37:43 +00:00
pk.c Fix data loss in unsigned int cast in PK 2017-02-25 20:37:43 +00:00
pkcs5.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pkcs11.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pkcs12.c Fix stack buffer overflow in pkcs12 2015-09-28 19:47:50 +02:00
pkparse.c Add end-of-buffer check to prevent heap-buffer-overflow 2017-09-13 11:52:03 +01:00
pkwrite.c Fix other occurrences of same bounds check issue 2015-11-02 10:43:03 +09:00
platform.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
ripemd160.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
rsa.c Merge remote-tracking branch 'restricted/iotssl-1138-rsa-padding-check-2.1-restricted' into mbedtls-2.1-restricted 2017-06-08 20:33:53 +02:00
sha1.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
sha256.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
sha512.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
ssl_cache.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
ssl_ciphersuites.c Undo API change 2017-06-20 19:33:51 +01:00
ssl_cli.c Fix mbedtls_ssl_read 2017-06-08 14:04:22 +01:00
ssl_cookie.c Backport 2.1:Resource leak in ssl_cookie and mutex 2017-03-02 21:11:16 +00:00
ssl_srv.c Merge remote-tracking branch 'gilles/iotssl-1223/mbedtls-2.1' into mbedtls-2.1 2017-06-06 20:12:51 +02:00
ssl_ticket.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
ssl_tls.c Ensure application data records are not kept when fully processed 2017-06-09 10:51:37 +01:00
threading.c Fix bug in threading sample implementation #667 2017-05-15 13:22:51 +01:00
timing.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
version_features.c Remove MBEDTLS_SSL_AEAD_RANDOM_IV feature 2016-10-13 10:35:34 +01:00
version.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
x509_create.c Fix other occurrences of same bounds check issue 2015-11-02 10:43:03 +09:00
x509_crl.c Fix potential integer overflow parsing DER CRL 2017-07-26 17:56:42 +01:00
x509_crt.c Improve comments 2017-07-28 12:20:48 +01:00
x509_csr.c Prevent signed integer overflow in CSR parsing 2017-07-26 17:59:20 +01:00
x509.c Rename time and index parameter to avoid name conflict. 2017-07-28 22:14:55 +01:00
x509write_crt.c Rename time and index parameter to avoid name conflict. 2017-07-28 22:14:55 +01:00
x509write_csr.c Add missing bounds check in X509 DER write funcs 2016-10-11 16:52:06 +01:00
xtea.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00