yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 14:15:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
6c371a4067
mbedtls/library
History
Andrzej Kurek 3fd9297658 Guard from undefined behaviour in case of an INT_MAX max_pathlen 
When parsing a certificate with the basic constraints extension
the max_pathlen that was read from it was incremented regardless
of its value. However, if the max_pathlen is equal to INT_MAX (which
is highly unlikely), an undefined behaviour would occur.
This commit adds a check to ensure that such value is not accepted
as valid. Relevant tests for INT_MAX and INT_MAX-1 are also introduced.
Certificates added in this commit were generated using the
test_suite_x509write, function test_x509_crt_check. Input data taken
from the "Certificate write check Server1 SHA1" test case, so the generated
files are like the "server1.crt", but with the "is_ca" field set to 1 and
max_pathlen as described by the file name.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-17 11:30:21 +02:00
..
.gitignore
aes.c Zeroize local AES variables before exiting the function 2019-11-12 03:23:51 -05:00
aesni.c
arc4.c
asn1parse.c
asn1write.c Fix ASN1 bitstring writing 2019-02-11 21:10:48 +00:00
base64.c
bignum.c Minor comment improvement 2020-02-03 16:34:53 +01:00
blowfish.c
camellia.c
ccm.c enforce input and output of ccm selftest on stack 2018-07-30 11:43:08 +03:00
certs.c Fix comment to match reality 2020-02-04 09:52:27 +01:00
cipher_wrap.c Fix after PR comments 2018-06-21 14:03:14 +03:00
cipher.c Remove redundant block_size validity check 2020-01-22 19:09:05 +01:00
cmac.c Merge remote-tracking branch 'public/pr/1390' into mbedtls-2.7 2018-06-27 11:11:34 +01:00
CMakeLists.txt Bump version to Mbed TLS 2.7.15 2020-04-08 17:22:51 +01:00
ctr_drbg.c Merge remote-tracking branch 'origin/mbedtls-2.7' into mbedtls-2.7-restricted 2020-01-15 16:59:10 +00:00
debug.c Return from debugging functions if SSL context is unset 2018-08-23 14:57:39 +01:00
des.c
dhm.c
ecdh.c Fix ecdh_get_params with mismatching group 2019-02-21 18:17:05 +01:00
ecdsa.c ECDSA: Fix side channel vulnerability 2019-10-25 09:01:34 +01:00
ecjpake.c Fix handling of md failure 2019-07-08 15:26:09 +02:00
ecp_curves.c
ecp.c Fix leakage of projective coordinates in ECC 2020-04-01 11:28:08 +02:00
entropy_poll.c Add missing bracket 2018-11-05 12:17:15 +00:00
entropy.c
error.c Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
gcm.c
havege.c Prevent building the HAVEGE module on platforms where it doesn't work 2019-07-05 11:33:10 +02:00
hmac_drbg.c HMAC_DRBG: support set_entropy_len() before seed() 2019-10-23 18:01:25 +02:00
Makefile Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
md2.c
md4.c
md5.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
md_wrap.c
md.c
memory_buffer_alloc.c Fix braces in mbedtls_memory_buffer_alloc_status() 2018-05-23 16:32:33 +01:00
net_sockets.c net_sockets: Fix typo in net_would_block() 2019-06-20 16:28:10 +01:00
oid.c
padlock.c
pem.c
pk_wrap.c Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH 2018-03-30 18:43:16 +02:00
pk.c
pkcs5.c Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C 2018-10-16 13:53:58 +01:00
pkcs11.c
pkcs12.c Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C 2018-10-16 13:53:50 +01:00
pkparse.c Fix pkparse bug wrt MBEDTLS_RSA_ALT 2020-02-18 11:27:08 +01:00
pkwrite.c Fix pk_write with an EC key to write a constant-length private value 2018-09-04 11:22:08 +02:00
platform.c Omit runtime configuration of calloc/free if macro config enabled 2018-10-11 11:10:14 +01:00
ripemd160.c
rsa_internal.c
rsa.c Parse RSA parameters DP, DQ and QP from PKCS1 private keys 2020-01-29 13:13:04 -05:00
sha1.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
sha256.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
sha512.c Fix Lucky 13 cache attack on MD/SHA padding 2018-07-12 10:18:37 +02:00
ssl_cache.c
ssl_ciphersuites.c Reduce priority of 3DES ciphersuites 2019-02-13 09:52:46 +00:00
ssl_cli.c Merge remote-tracking branch 'restricted/pr/671' into mbedtls-2.7-restricted 2020-04-09 11:57:18 +02:00
ssl_cookie.c
ssl_srv.c Fix #2370, minor typos and spelling mistakes 2019-02-18 15:57:54 +00:00
ssl_ticket.c Indentation fix 2018-10-26 10:08:29 +01:00
ssl_tls.c Fix bug in handling of DTLS client hard reconnect 2020-03-31 13:04:19 +02:00
threading.c
timing.c timing: Remove redundant include file 2019-06-20 16:28:10 +01:00
version_features.c Reduce priority of 3DES ciphersuites 2019-02-13 09:52:46 +00:00
version.c
x509_create.c
x509_crl.c Always return a high-level error code from X.509 module 2019-06-04 14:03:27 +01:00
x509_crt.c Guard from undefined behaviour in case of an INT_MAX max_pathlen 2020-04-17 11:30:21 +02:00
x509_csr.c Fix CSR parsing header call 2018-12-05 23:23:39 +00:00
x509.c Correct comment on the configuration option in x509.c 2020-03-28 00:43:40 +00:00
x509write_crt.c Change size of preallocated buffer for pk_sign() calls 2019-06-06 13:06:46 +02:00
x509write_csr.c Add missing return code check on call to mbedtls_md() 2020-01-22 19:06:32 +01:00
xtea.c