Fix potential integer overflow parsing DER CRT

This patch prevents a potential signed integer overflow during the
certificate version verification checks.
This commit is contained in:
Andres AG 2017-03-09 16:16:11 +00:00 committed by Simon Butcher
parent ce49a25033
commit 6b171e4aec

View file

@ -237,6 +237,9 @@ Bugfix
digits. Found and fixed by Guido Vranken.
* Fix unlisted DES configuration dependency in some pkparse test cases. Found
by inestlerode. #555
* Fix a potential integer overflow in the version verification for DER
encoded X509 certificates. The overflow would enable maliciously
constructed certificates to bypass the certificate verification check.
= mbed TLS 2.4.1 branch released 2016-12-13