diff --git a/ChangeLog b/ChangeLog index e024af818..f60dcb362 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,10 +4,13 @@ mbed TLS ChangeLog (Sorted per branch, date) Security * Added fix for CVE-2015-xxxxx to prevent heap corruption due to buffer - overflow of the hostname or session ticket. (Found by Guido Vranken). + overflow of the hostname or session ticket. Found by Guido Vranken. * Fix potential double-free if mbedtls_ssl_set_hs_psk() is called more than once in the same handhake and mbedtls_ssl_conf_psk() was used. Found and patch provided by Guido Vranken. Cannot be forced remotely. + * Fix stack buffer overflow in pkcs12 decryption (used by + mbedtls_pk_parse_key(file)() when the password is > 129 bytes. + Found by Guido Vranken. Not triggerable remotely. Changes * Added checking of hostname length in mbedtls_ssl_set_hostname() to ensure diff --git a/library/pkcs12.c b/library/pkcs12.c index f1777eb70..7023b9dbc 100644 --- a/library/pkcs12.c +++ b/library/pkcs12.c @@ -86,6 +86,8 @@ static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params, return( 0 ); } +#define PKCS12_MAX_PWDLEN 128 + static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type, const unsigned char *pwd, size_t pwdlen, unsigned char *key, size_t keylen, @@ -94,7 +96,10 @@ static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_ty int ret, iterations; mbedtls_asn1_buf salt; size_t i; - unsigned char unipwd[258]; + unsigned char unipwd[PKCS12_MAX_PWDLEN * 2 + 2]; + + if( pwdlen > PKCS12_MAX_PWDLEN ) + return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA ); memset( &salt, 0, sizeof(mbedtls_asn1_buf) ); memset( &unipwd, 0, sizeof(unipwd) ); @@ -125,6 +130,8 @@ static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_ty return( 0 ); } +#undef PKCS12_MAX_PWDLEN + int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode, const unsigned char *pwd, size_t pwdlen, const unsigned char *data, size_t len,