Add missing bounds check in X509 DER write funcs

This patch adds checks in both mbedtls_x509write_crt_der and
mbedtls_x509write_csr_der before the signature is written to buf
using memcpy().
Andres AG 2016-09-02 15:23:48 +01:00 committed by Simon Butcher
parent 441d6f9833
commit 0c12bd69f5

@ -11,6 +11,10 @@ Security
mbedtls_x509write_csr_der() when the signature is copied to the buffer mbedtls_x509write_csr_der() when the signature is copied to the buffer
without checking whether there is enough space in the destination. The without checking whether there is enough space in the destination. The
issue cannot be triggered remotely. (found by Jethro Beekman) issue cannot be triggered remotely. (found by Jethro Beekman)
* Fix potential stack corruption in mbedtls_x509write_crt_der() and
mbedtls_x509write_csr_der() when the signature is copied to the buffer
without checking whether there is enough space in the destination. It is
not triggerable remotely in SSL/TLS.
Bugfix Bugfix
* Fix an issue that caused valid certificates being rejected whenever an * Fix an issue that caused valid certificates being rejected whenever an
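Review bot: The added Security entry (the four lines starting "* Fix potential stack corruption in mbedtls_x509write_crt_der() and") appears to duplicate the entry directly above it, whose visible context lines carry the same wording about the signature being copied to the buffer without checking the space in the destination. The two differ only in the closing sentence: "The issue cannot be triggered remotely. (found by Jethro Beekman)" versus "It is not triggerable remotely in SSL/TLS." Suggest keeping a single entry, either by folding the "in SSL/TLS" qualification into the existing one or by dropping the new one, so the ChangeLog does not list the same fix twice and the reporter credit stays attached to it.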