mbedtls/library
Andres AG 3df4e4e1d0 Prevent signed integer overflow in CSR parsing
Modify the function x509_csr_parse_der() so that it checks the parsed
CSR version integer before it increments the value. This prevents a
potential signed integer overflow, as these have undefined behaviour in
the C standard.
2017-07-27 11:50:58 +01:00
..
.gitignore
aes.c
aesni.c
arc4.c
asn1parse.c Fix 1 byte overread in mbedtls_asn1_get_int() 2016-10-13 12:54:32 +01:00
asn1write.c Merge memory leak fix into branch 'mbedtls-1.3' 2016-01-02 00:28:19 +00:00
base64.c Add comment to integer overflow fix in base64.c 2017-02-25 21:27:17 +00:00
bignum.c Merge remote-tracking branch 'hanno/mpi_read_file_underflow_backport-1.3' into mbedtls-1.3 2017-06-08 19:54:29 +02:00
blowfish.c
camellia.c
ccm.c Fix for MSVC Compiler warnings 2016-11-10 15:40:53 +00:00
certs.c
cipher_wrap.c
cipher.c Fix integer overflows in buffer bound checks 2017-02-25 21:25:44 +00:00
CMakeLists.txt Update the version number to 1.3.20 2017-06-20 23:46:46 +01:00
ctr_drbg.c Fix integer overflows in buffer bound checks 2017-02-25 21:25:44 +00:00
debug.c Revert "Avoid formatting debug message uselessly" 2015-08-10 17:36:47 +02:00
des.c
dhm.c Backport 1.3: Check rc of mbedtls_mpi_fill_random 2017-07-20 01:26:53 +02:00
ecdh.c
ecdsa.c
ecp_curves.c ECP: Prevent freeing a buffer on stack 2017-02-28 20:24:52 +00:00
ecp.c Backport 1.3: Check rc of mbedtls_mpi_fill_random 2017-07-20 01:26:53 +02:00
entropy_poll.c Fix -Wshadow warnings 2015-08-31 11:07:51 +02:00
entropy.c
error.c
gcm.c Backport 1.3: check if iv is zero in gcm. 2017-07-20 00:33:27 +02:00
havege.c
hmac_drbg.c
Makefile Make ar invocation more portable 2016-01-08 15:28:40 +01:00
md2.c Fix integer overflows in buffer bound checks 2017-02-25 21:25:44 +00:00
md4.c Fix warning with MD/SHA ALT implementation 2015-08-31 11:22:47 +02:00
md5.c Fix warning with MD/SHA ALT implementation 2015-08-31 11:22:47 +02:00
md_wrap.c
md.c
memory_buffer_alloc.c
net.c Fix for net_usleep() timing selftest on mingw 2016-01-15 14:36:08 +00:00
oid.c Fix typo in an OID name 2015-10-27 15:12:39 +01:00
padlock.c
pbkdf2.c
pem.c Fix buffer overreads in mbedtls_pem_read_buffer() 2017-02-25 21:25:06 +00:00
pk_wrap.c Fix data loss in unsigned int cast in PK 2017-02-15 10:44:02 +00:00
pk.c Fix data loss in unsigned int cast in PK 2017-02-15 10:44:02 +00:00
pkcs5.c
pkcs11.c
pkcs12.c Fix stack buffer overflow in pkcs12 2015-09-30 16:46:07 +02:00
pkparse.c
pkwrite.c Fix other occurrences of same bounds check issue 2015-10-27 11:47:37 +01:00
platform.c Fix compile errors with NO_STD_FUNCTIONS 2015-06-03 10:20:33 +01:00
ripemd160.c
rsa.c Merge remote-tracking branch 'restricted/iotssl-1138-rsa-padding-check-1.3-restricted' into mbedtls-1.3-restricted 2017-06-08 20:34:40 +02:00
sha1.c Fix warning with MD/SHA ALT implementation 2015-08-31 11:22:47 +02:00
sha256.c Fix warning with MD/SHA ALT implementation 2015-08-31 11:22:47 +02:00
sha512.c Fix warning with MD/SHA ALT implementation 2015-08-31 11:22:47 +02:00
ssl_cache.c
ssl_ciphersuites.c Remember suitable hash function for any signature algorithm. 2017-05-24 10:47:54 +01:00
ssl_cli.c Fix mbedtls_ssl_read 2017-06-08 15:59:38 +01:00
ssl_srv.c Don't parse or write extensions in SSLv3 2017-06-09 15:30:29 +01:00
ssl_tls.c Ensure application data records are not kept when fully processed 2017-06-09 10:52:45 +01:00
threading.c
timing.c Increase tolerance of timing selftest 2015-08-19 14:48:34 +02:00
version_features.c Update features list 2016-10-13 22:11:15 +01:00
version.c
x509_create.c Fix other occurrences of same bounds check issue 2015-10-27 11:47:37 +01:00
x509_crl.c Fix potential integer overflow parsing DER CRL 2017-07-27 11:49:08 +01:00
x509_crt.c Fix potential integer overflow parsing DER CRT 2017-07-27 11:50:04 +01:00
x509_csr.c Prevent signed integer overflow in CSR parsing 2017-07-27 11:50:58 +01:00
x509.c Fix integration of bugfix for #626 2016-10-17 22:41:54 +01:00
x509write_crt.c Add missing bounds check in X509 DER write funcs 2016-10-13 12:45:07 +01:00
x509write_csr.c Add missing bounds check in X509 DER write funcs 2016-10-13 12:45:07 +01:00
xtea.c