mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 03:35:39 +01:00
a4bfaa8204
Previously, reference counting for the CRT frames and PK contexts
handed out by mbedtls_x509_crt_{frame|pk}_acquire() was implemented
only in case threading support was enabled, which leaves the door
open for a potential use-after-free should a single-threaded application
use nested calls to mbedtls_x509_crt_acquire().
Since Mbed TLS itself does not use such nested calls, it might be
preferred long-term to forbid nesting of acquire calls on the API
level, and hence get rid of reference counting in the interest of
code-size benefits. However, this can be considered as an optimization
of X.509 on demand parsing, and for now this commit introduces
reference counting unconditionally to have a safe version of
on demand parsing to build further optimizations upon.
|
||
|---|---|---|
| .. | ||
| mbedtls | ||
| tinycrypt | ||
| .gitignore | ||
| CMakeLists.txt | ||