mbedtls/library
Hanno Becker 2c5ef1143d ECP restart: Don't calculate address of sub ctx if ctx is NULL
All modules using restartable ECC operations support passing `NULL`
as the restart context as a means to not use the feature.

The restart contexts for ECDSA and ECP are nested, and when calling
restartable ECP operations from restartable ECDSA operations, the
address of the ECP restart context to use is calculated by adding
the to the address of the ECDSA restart context the offset the of
the ECP restart context.

If the ECP restart context happens to not reside at offset `0`, this
leads to a non-`NULL` pointer being passed to restartable ECP
operations from restartable ECDSA-operations; those ECP operations
will hence assume that the pointer points to a valid ECP restart
address and likely run into a segmentation fault when trying to
dereference the non-NULL but close-to-NULL address.

The problem doesn't arise currently because luckily the ECP restart
context has offset 0 within the ECDSA restart context, but we should
not rely on it.

This commit fixes the passage from restartable ECDSA to restartable ECP
operations by propagating NULL as the restart context pointer.

Apart from being fragile, the previous version could also lead to
NULL pointer dereference failures in ASanDbg builds which dereferenced
the ECDSA restart context even though it's not needed to calculate the
address of the offset'ed ECP restart context.
2019-07-19 14:25:42 +01:00
..
.gitignore Split libs with make + general make cleanups 2015-06-25 10:59:56 +02:00
aes.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
aesni.c Warn if using a memory sanitizer on AESNI 2018-04-05 15:37:38 +02:00
arc4.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
aria.c Implement parameter validation for ARIA module 2018-12-19 12:51:00 +00:00
asn1parse.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
asn1write.c Fix ASN1 bitstring writing 2019-02-11 21:13:33 +00:00
base64.c Add comment to integer overflow fix in base64.c 2017-02-15 23:31:07 +02:00
bignum.c Fix typo 2019-03-06 13:51:30 +00:00
blowfish.c Implement parameter validation for Blowfish module 2018-12-19 12:52:59 +00:00
camellia.c Minor improvements to Camellia module and documentation 2018-12-19 13:42:05 +00:00
ccm.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
certs.c Re-generate library/certs.c from script 2019-05-30 10:58:12 +01:00
chacha20.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
chachapoly.c Fix wrong conditional in free() functions 2018-12-18 15:30:30 +00:00
cipher.c Remove unnecessary parameter validation from the Cipher module 2018-12-19 17:34:58 +01:00
cipher_wrap.c Fix after PR comments 2018-07-23 18:18:32 +01:00
cmac.c Merge remote-tracking branch 'public/pr/1390' into development 2018-06-27 10:51:47 +01:00
CMakeLists.txt Update library to 2.16.2 2019-06-11 17:27:32 +01:00
ctr_drbg.c Streamline mbedtls_xxx_drbg_update_seed_file 2018-11-26 19:26:22 +01:00
debug.c Merge remote-tracking branch 'origin/pr/1818' into mbedtls-2.16 2019-03-05 16:28:18 +00:00
des.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
dhm.c Allow DHM self test to run without MBEDTLS_PEM_PARSE_C 2019-05-30 10:58:12 +01:00
ecdh.c Fix mbedtls_ecdh_get_params with new ECDH context 2019-02-22 12:51:51 +01:00
ecdsa.c ECP restart: Don't calculate address of sub ctx if ctx is NULL 2019-07-19 14:25:42 +01:00
ecjpake.c Fix #2370, minor typos and spelling mistakes 2019-02-18 14:50:57 +00:00
ecp.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
ecp_curves.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
entropy.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
entropy_poll.c Add missing bracket 2018-11-06 13:12:47 +00:00
error.c Fix #2370, minor typos and spelling mistakes 2019-02-18 14:50:57 +00:00
gcm.c Improve parameter validation in mbedtls_gcm_free() 2018-12-19 17:32:19 +01:00
havege.c Prevent building the HAVEGE module on platforms where it doesn't work 2019-06-17 15:12:51 +02:00
hkdf.c Fix issue if salt = NULL and salt_len !=0 in mbedtls_hkdf_extract() 2018-07-23 10:34:47 -07:00
hmac_drbg.c Streamline mbedtls_xxx_drbg_update_seed_file 2018-11-26 19:26:22 +01:00
Makefile Fix #2370, minor typos and spelling mistakes 2019-02-18 14:50:57 +00:00
md.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
md2.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
md4.c Add more missing parentheses around macro parameters 2019-04-24 10:52:53 +02:00
md5.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
md_wrap.c New MD API: rename functions from _ext to _ret 2018-01-22 11:54:42 +01:00
memory_buffer_alloc.c Fix braces in mbedtls_memory_buffer_alloc_status() 2018-06-12 16:56:04 +01:00
net_sockets.c net_sockets: Fix typo in net_would_block() 2019-06-20 16:33:02 +01:00
nist_kw.c Remove faulty cipher_finish calls from nist_kw 2018-12-20 12:15:40 +01:00
oid.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
padlock.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pem.c Clear pk context and other minor changes in *_free() procedures 2018-06-12 18:25:09 +03:00
pk.c Merge remote-tracking branch 'public/pr/1721' into development-restricted 2018-12-20 12:37:13 +00:00
pk_wrap.c Fix or improve some comments (and whitespace) 2018-10-15 15:27:49 +02:00
pkcs5.c Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C 2018-10-16 13:39:40 +01:00
pkcs11.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pkcs12.c Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C 2018-10-16 13:39:40 +01:00
pkparse.c pk_parse*keyfile: explicitly validate path=NULL 2018-12-19 17:37:02 +01:00
pkwrite.c PK parse/write: support keylen=0 correctly 2018-12-19 17:03:28 +01:00
platform.c Omit runtime configuration of calloc/free if macro config enabled 2018-10-11 11:04:20 +01:00
platform_util.c Remove the library provided function of MBEDTLS_PARAM_FAILED 2018-12-11 12:28:56 +01:00
poly1305.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
ripemd160.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
rsa.c Merge remote-tracking branch 'public/pr/1721' into development-restricted 2018-12-20 12:37:13 +00:00
rsa_internal.c Bignum: Deprecate mbedtls_mpi_is_prime() 2018-10-09 16:36:53 +01:00
sha1.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
sha256.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
sha512.c Add more missing parentheses around macro parameters 2019-04-24 10:52:53 +02:00
ssl_cache.c Address PR review comments 2017-10-29 17:53:52 +02:00
ssl_ciphersuites.c Reduce priority of 3DES ciphersuites 2019-03-01 10:29:13 +01:00
ssl_cli.c SSL: Make use of the new ECDH interface 2018-12-06 12:22:46 +00:00
ssl_cookie.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
ssl_srv.c Fix #2370, minor typos and spelling mistakes 2019-02-18 14:50:57 +00:00
ssl_ticket.c Indentation fix 2018-10-25 16:07:16 +01:00
ssl_tls.c Merge remote-tracking branch 'origin/pr/2714' into mbedtls-2.16 2019-06-21 16:00:52 +01:00
threading.c Don't declare and define gmtime()-mutex on Windows platforms 2018-09-06 12:09:56 +01:00
timing.c timing: Remove redundant include file 2019-06-20 16:33:02 +01:00
version.c Fix missing void argument declarations #678 2016-11-04 23:05:56 +01:00
version_features.c Make it easier to define MBEDTLS_PARAM_FAILED as assert 2019-06-17 19:07:42 +02:00
x509.c Merge remote-tracking branch 'origin/pr/2450' into mbedtls-2.16 2019-06-21 15:59:29 +01:00
x509_create.c Break overly long line in library/x509_create.c 2018-11-02 10:52:38 +00:00
x509_crl.c Always return a high-level error code from X.509 module 2019-06-04 14:01:10 +01:00
x509_crt.c Merge remote-tracking branch 'origin/pr/2450' into mbedtls-2.16 2019-06-21 15:59:29 +01:00
x509_csr.c Fix CSR parsing header call 2018-10-07 17:48:37 +01:00
x509write_crt.c Fix ASN1 bitstring writing 2019-02-11 21:13:33 +00:00
x509write_csr.c Fix ASN1 bitstring writing 2019-02-11 21:13:33 +00:00
xtea.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00