mbedtls/library
Andrzej Kurek 1605074f97
Guard from undefined behaviour in case of an INT_MAX max_pathlen
When parsing a certificate with the basic constraints extension
the max_pathlen that was read from it was incremented regardless
of its value. However, if the max_pathlen is equal to INT_MAX (which
is highly unlikely), an undefined behaviour would occur.
This commit adds a check to ensure that such value is not accepted
as valid. Relevant tests for INT_MAX and INT_MAX-1 are also introduced.
Certificates added in this commit were generated using the
test_suite_x509write, function test_x509_crt_check. Input data taken 
from the "Certificate write check Server1 SHA1" test case, so the generated
files are like the "server1.crt", but with the "is_ca" field set to 1 and
max_pathlen as described by the file name.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-15 06:15:45 -04:00
..
.gitignore Split libs with make + general make cleanups 2015-06-25 10:59:56 +02:00
aes.c Merge branch 'development' into development-restricted 2020-01-15 15:55:11 +00:00
aesni.c Remove crypto C files 2019-08-15 15:44:50 +01:00
arc4.c Remove crypto C files 2019-08-15 15:44:50 +01:00
aria.c Remove crypto C files 2019-08-15 15:44:50 +01:00
asn1parse.c Replace use of uint8_t by unsigned char in ASN.1 seq traversal API 2020-02-03 10:39:55 +00:00
asn1write.c Merge pull request #323 from yanesca/iotcrypt-942-initialise-return-values 2019-12-19 10:24:22 +00:00
base64.c Remove crypto C files 2019-08-15 15:44:50 +01:00
bignum.c Merge pull request #346 from gilles-peskine-arm/mpi_copy_shrink 2020-02-06 09:52:01 +01:00
blowfish.c Remove crypto C files 2019-08-15 15:44:50 +01:00
camellia.c Remove crypto C files 2019-08-15 15:44:50 +01:00
ccm.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
certs.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
chacha20.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
chachapoly.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
cipher.c Remove redundant block_size validity check 2020-01-21 15:02:14 +01:00
cipher_wrap.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
cmac.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
CMakeLists.txt Fix the shared library build with CMake 2020-03-23 17:55:32 +01:00
ctr_drbg.c Merge branch 'development' into development-restricted 2020-01-15 15:55:11 +00:00
debug.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
des.c des: Reduce number of self-test iterations 2019-09-04 10:11:45 +01:00
dhm.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
ecdh.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
ecdsa.c Fix incrementing pointer instead of value 2020-01-24 12:11:56 +01:00
ecjpake.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
ecp.c Revert "ecp: Remove dependency on TLS and X.509" 2020-03-19 14:23:45 +01:00
ecp_curves.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
entropy.c Merge pull request #323 from yanesca/iotcrypt-942-initialise-return-values 2019-12-19 10:24:22 +00:00
entropy_poll.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
error.c Re-generate automatically generated files 2020-03-23 17:55:31 +01:00
gcm.c Merge branch 'development' into development-restricted 2020-01-15 15:55:11 +00:00
havege.c Remove crypto C files 2019-08-15 15:44:50 +01:00
hkdf.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
hmac_drbg.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
Makefile makefile: remove unneeded priority dependency from library makefile 2020-03-26 07:18:42 -04:00
md.c Revert "md: Remove dependency on X.509" 2020-03-19 14:23:45 +01:00
md2.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
md4.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
md5.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
memory_buffer_alloc.c Remove crypto C files 2019-08-15 15:44:50 +01:00
net_sockets.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
nist_kw.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
oid.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
padlock.c Remove crypto C files 2019-08-15 15:44:50 +01:00
pem.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
pk.c pk: USE_PSA_CRYPTO: don't translate via the TLS ID 2020-01-31 10:15:32 +01:00
pk_wrap.c Remove mbedtls_psa_translate_ecc_group 2020-01-31 10:15:32 +01:00
pkcs5.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
pkcs11.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
pkcs12.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
pkparse.c Fix pkparse bug wrt MBEDTLS_RSA_ALT 2020-02-18 10:31:29 +01:00
pkwrite.c Change key types to a 16-bit encoding 2020-01-31 10:24:21 +01:00
platform.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
platform_util.c Check for zero length and NULL buffer pointer. 2019-09-04 11:31:35 +01:00
poly1305.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
psa_crypto.c Merge pull request #345 from gilles-peskine-arm/psa_mac_verify_finish-status 2020-02-03 13:55:11 +00:00
psa_crypto_core.h Rename internal macro to pass check-names.sh 2019-08-08 10:58:09 +02:00
psa_crypto_invasive.h Add a facility to configure entropy sources 2018-11-23 22:58:38 +01:00
psa_crypto_its.h Add psa_trusted_storage_linux persistent storage support for v1.0.0 APIs 2019-07-23 17:30:37 +01:00
psa_crypto_se.c SE driver: Fix loading of persistent data 2019-10-01 16:55:29 +02:00
psa_crypto_se.h SE driver: call the p_init method during psa_crypto_init() 2019-10-01 15:22:29 +02:00
psa_crypto_service_integration.h Add common header for crypto service integration 2019-02-19 15:09:14 +02:00
psa_crypto_slot_management.c Make psa_close_key(0) and psa_destroy_key(0) succeed 2019-10-08 15:57:27 +02:00
psa_crypto_slot_management.h Rename psa_internal_allocate_key_slot to psa_get_empty_key_slot 2019-08-08 10:58:09 +02:00
psa_crypto_storage.c Change key types to a 16-bit encoding 2020-01-31 10:24:21 +01:00
psa_crypto_storage.h Switch storage functions over to psa_core_key_attributes_t 2019-07-31 14:15:27 +02:00
psa_its_file.c Add an input check in psa_its_set 2019-09-05 09:34:34 -04:00
ripemd160.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
rsa.c Final review comments 2020-01-28 14:43:52 -05:00
rsa_internal.c Remove crypto C files 2019-08-15 15:44:50 +01:00
sha1.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
sha256.c Initialise return values to an error 2019-12-03 16:07:18 +00:00
sha512.c Fix some whitespace issues 2020-01-29 09:46:49 +01:00
ssl_cache.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
ssl_ciphersuites.c Rename identifiers containing double-underscore 2020-03-23 17:55:32 +01:00
ssl_cli.c Rename identifiers containing double-underscore 2020-03-23 17:55:32 +01:00
ssl_cookie.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
ssl_msg.c Split the maximum fragment length into two - an input and output MFL 2020-04-09 04:30:34 -04:00
ssl_srv.c Merge 'mbedtls/development' into merge-crypto-unremoved-20200304 2020-03-23 18:02:07 +01:00
ssl_ticket.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
ssl_tls.c Improve pointer calculations when resizing I/O buffers 2020-04-09 04:33:00 -04:00
threading.c Remove crypto C files 2019-08-15 15:44:50 +01:00
timing.c Remove crypto C files 2019-08-15 15:44:50 +01:00
version.c Fix missing void argument declarations #678 2016-11-04 23:05:56 +01:00
version_features.c Refresh generated files 2020-03-23 21:54:07 +01:00
x509.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
x509_create.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
x509_crl.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
x509_crt.c Guard from undefined behaviour in case of an INT_MAX max_pathlen 2020-04-15 06:15:45 -04:00
x509_csr.c Put includes in alphabetical order 2019-12-19 10:27:57 +00:00
x509write_crt.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
x509write_csr.c Revert "Remove unused TLS, NET, and X.509 files" 2020-03-19 13:36:33 +01:00
xtea.c Remove crypto C files 2019-08-15 15:44:50 +01:00