yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-12-23 17:55:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix bug in ssl_write_supported_elliptic_curves_ext

Browse source 
Passing invalid curves to mbedtls_ssl_conf_curves potentially could caused a
crash later in ssl_write_supported_elliptic_curves_ext. #373
This commit is contained in:
Janos Follath 2016-04-21 23:37:09 +01:00 committed by Simon Butcher
parent 7ddc2cdfce
commit 4e03439e6a
2 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ChangeLog
View file

@ -10,6 +10,8 @@ Bugfix
* Fix issue that caused a hang up when generating RSA keys of odd bitlength
* Fix bug in mbedtls_rsa_rsaes_pkcs1_v15_encrypt that made null pointer
dereference possible.
* Fix issue that caused a crash if invalid curves were passed to
mbedtls_ssl_conf_curves. #373
Changes
* On ARM platforms, when compiling with -O0 with GCC, Clang or armcc5,

7
library/ssl_cli.c
View file

@ -330,6 +330,12 @@ static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl,
for( info = ecp_curve_list(); info->grp_id != POLARSSL_ECP_DP_NONE; info++ )
{
#endif
if( info == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid curve in ssl configuration" ) );
return;
}
elliptic_curve_len += 2;
}
@ -349,7 +355,6 @@ static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl,
for( info = ecp_curve_list(); info->grp_id != POLARSSL_ECP_DP_NONE; info++ )
{
#endif
elliptic_curve_list[elliptic_curve_len++] = info->tls_id >> 8;
elliptic_curve_list[elliptic_curve_len++] = info->tls_id & 0xFF;
}