yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-08 10:09:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed potential overflow in certificate size in ssl_write_certificate()

Browse source
This commit is contained in:
Paul Bakker 2013-12-31 11:35:16 +01:00
parent 78e819698b
commit d83584e9aa
2 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ChangeLog
View file

@ -11,6 +11,8 @@ Bugfix
* Fixed x509_crt_parse_path() bug on Windows platforms * Fixed x509_crt_parse_path() bug on Windows platforms
* Added missing MPI_CHK() around some statements in mpi_div_mpi() (found by * Added missing MPI_CHK() around some statements in mpi_div_mpi() (found by
TrustInSoft) TrustInSoft)
* Fixed potential overflow in certificate size verification in
ssl_write_certificate() (found by TrustInSoft)
= Version 1.2.10 released 2013-10-07 = Version 1.2.10 released 2013-10-07
Changes Changes

2
library/ssl_tls.c
View file

@ -2223,7 +2223,7 @@ int ssl_write_certificate( ssl_context *ssl )
while( crt != NULL ) while( crt != NULL )
{ {
n = crt->raw.len; n = crt->raw.len;
if( i + 3 + n > SSL_MAX_CONTENT_LEN ) if( n > SSL_MAX_CONTENT_LEN - 3 - i )
{ {
SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d", SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d",
i + 3 + n, SSL_MAX_CONTENT_LEN ) ); i + 3 + n, SSL_MAX_CONTENT_LEN ) );