mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-22 19:45:34 +00:00
Fix memory leak with crafted X.509 certs
This commit is contained in:
parent
0369a5291b
commit
b134060f90
|
@ -6,6 +6,9 @@ Security
|
|||
* Fix remotely-triggerable uninitialised pointer dereference caused by
|
||||
crafted X.509 certificate (server is not affected if it doesn't ask for a
|
||||
client certificate) (found using Codenomicon Defensics).
|
||||
* Fix remotely-triggerable memory leak caused by crafted X.509 certificates
|
||||
(server is not affected if it doesn't ask for a client certificate)
|
||||
(found using Codenomicon Defensics).
|
||||
|
||||
Features
|
||||
* Add function pk_check_pair() to test if public and private keys match.
|
||||
|
|
|
@ -359,6 +359,9 @@ static int x509_get_subject_alt_name( unsigned char **p,
|
|||
/* Allocate and assign next pointer */
|
||||
if( cur->buf.p != NULL )
|
||||
{
|
||||
if( cur->next != NULL )
|
||||
return( POLARSSL_ERR_X509_INVALID_EXTENSIONS );
|
||||
|
||||
cur->next = (asn1_sequence *) polarssl_malloc(
|
||||
sizeof( asn1_sequence ) );
|
||||
|
||||
|
|
|
@ -873,6 +873,10 @@ X509 Certificate ASN1 (ExtKeyUsage, bad second tag)
|
|||
depends_on:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED
|
||||
x509parse_crt:"3081de3081dba003020102020900ebdbcd14105e1839300906072a8648ce3d0401300f310d300b0603550403130454657374301e170d3134313131313230353935345a170d3234313130383230353935345a300f310d300b06035504031304546573743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa321301f301d0603551d250416301406082b0601050507030107082b06010505070302":"":POLARSSL_ERR_X509_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG
|
||||
|
||||
X509 Certificate ASN1 (SubjectAltName repeated)
|
||||
depends_on:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED
|
||||
x509parse_crt:"3081fd3081faa003020102020900a8b31ff37d09a37f300906072a8648ce3d0401300f310d300b0603550403130454657374301e170d3134313131313231333731365a170d3234313130383231333731365a300f310d300b06035504031304546573743059301306072a8648ce3d020106082a8648ce3d0301070342000437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edffa321301f301d0603551d11041630148208666f6f2e7465737482086261722e74657374301d0603551d11041630148208666f6f2e7465737482086261722e74657374":"":POLARSSL_ERR_X509_INVALID_EXTENSIONS
|
||||
|
||||
X509 Certificate ASN1 (correct pubkey, no sig_alg)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308183308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff":"":POLARSSL_ERR_X509_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
|
Loading…
Reference in a new issue