yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-11-04 12:35:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add test for bounds in X509 DER write funcs

Browse source
This commit is contained in:
Andres AG 2016-09-07 11:09:44 +01:00 committed by Simon Butcher
parent 8aa301ba31
commit effb5582dd
2 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
ChangeLog
View file

@ -5,8 +5,8 @@ mbed TLS ChangeLog (Sorted per branch, date)
Security
* Fix potential stack corruption in mbedtls_x509write_crt_der() and
mbedtls_x509write_csr_der() when the signature is copied to the buffer
without checking whether there is enough space in the destination. It is
not triggerable remotely in SSL/TLS.
without checking whether there is enough space in the destination. The
issue cannot be triggered remotely.
Bugfix
* Fix an issue that caused valid certificates being rejected whenever an

8
tests/suites/test_suite_x509write.function
View file

@ -52,6 +52,10 @@ void x509_csr_check( char *key_file, char *cert_req_check_file,
TEST_ASSERT( olen >= pem_len - 1 );
TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
ret = mbedtls_x509write_csr_der( &req, buf, pem_len / 2,
rnd_pseudo_rand, &rnd_info );
TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
exit:
mbedtls_x509write_csr_free( &req );
mbedtls_pk_free( &key );
@ -125,6 +129,10 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
TEST_ASSERT( olen >= pem_len - 1 );
TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
ret = mbedtls_x509write_crt_der( &crt, buf, pem_len / 2,
rnd_pseudo_rand, &rnd_info );
TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
exit:
mbedtls_x509write_crt_free( &crt );
mbedtls_pk_free( &issuer_key );