yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-03 19:20:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix CRL parsing to avoid infinite loop

Browse source 
This patch modifies the function mbedtls_x509_crl_parse() to ensure
that a CRL in PEM format with trailing characters after the footer does
not result in the execution of an infinite loop.
This commit is contained in:
Andres AG 2016-12-08 17:08:44 +00:00
parent a697bf503a
commit e567101f6b
2 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
ChangeLog
View file

@ -1,5 +1,14 @@
mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS x.x.x branch released xxxx-xx-xx
Security
* Fixed potential livelock during the parsing of a CRL in PEM format in
mbedtls_x509_crl_parse(). A string containing a CRL followed by trailing
characters after the footer could result in the execution of an infinite
loop. The issue can be triggered remotely. Found by Greg Zaverucha,
Microsoft.
= mbed TLS 1.3.18 branch 2016-10-17
Security

2
library/x509_crl.c
View file

@ -525,7 +525,7 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
pem_free( &pem );
}
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
else if( is_pem )
{
pem_free( &pem );
return( ret );