yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-25 18:36:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
mbedtls/library
History
Hanno Becker e04527755b Check for sufficient datagram size in ssl_parse_record_header() 
Previously, ssl_parse_record_header() did not check whether the current
datagram is large enough to hold a record of the advertised size. This
could lead to records being silently skipped over or backed up on the
basis of an invalid record length. Concretely, the following would happen:

1) In the case of a record from an old epoch, the record would be
   'skipped over' by setting next_record_offset according to the advertised
   but non-validated length, and only in the subsequent mbedtls_ssl_fetch_input()
   it would be noticed in an assertion failure if the record length is too
   large for the current incoming datagram.
   While not critical, this is fragile, and also contrary to the intend
   that MBEDTLS_ERR_SSL_INTERNAL_ERROR should never be trigger-able by
   external input.
2) In the case of a future record being buffered, it might be that we
   backup a record before we have validated its length, hence copying
   parts of the input buffer that don't belong to the current record.
   This is a bug, and it's by luck that it doesn't seem to have critical
   consequences.

This commit fixes this by modifying ssl_parse_record_header() to check that
the current incoming datagram is large enough to hold a record of the
advertised length, returning MBEDTLS_ERR_SSL_INVALID_RECORD otherwise.
2019-08-01 09:51:51 +02:00
..
.gitignore
aes.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
aesni.c Warn if using a memory sanitizer on AESNI 2018-04-05 15:37:38 +02:00
arc4.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
aria.c Implement parameter validation for ARIA module 2018-12-19 12:51:00 +00:00
asn1parse.c [FIXUP] Fix bug in ASN.1 traversal of silently ignored tag 2019-06-25 10:41:34 +01:00
asn1write.c Fix ASN1 bitstring writing 2019-02-11 21:13:33 +00:00
base64.c Add comment to integer overflow fix in base64.c 2017-02-15 23:31:07 +02:00
bignum.c Consistently use (type *) instead of (type*) for pointer conversion 2019-06-25 09:10:57 +01:00
blowfish.c Implement parameter validation for Blowfish module 2018-12-19 12:52:59 +00:00
camellia.c Minor improvements to Camellia module and documentation 2018-12-19 13:42:05 +00:00
ccm.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
certs.c Re-generate library/certs.c from script 2019-05-30 10:58:12 +01:00
chacha20.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
chachapoly.c Fix wrong conditional in free() functions 2018-12-18 15:30:30 +00:00
cipher.c Consistently use (type *) instead of (type*) for pointer conversion 2019-06-25 09:10:57 +01:00
cipher_wrap.c Consistently use (type *) instead of (type*) for pointer conversion 2019-06-25 09:10:57 +01:00
cmac.c Merge remote-tracking branch 'public/pr/1390' into development 2018-06-27 10:51:47 +01:00
CMakeLists.txt Merge branch 'mbedtls-2.16' into baremetal-2.16-01_07_19 2019-07-01 11:25:42 +01:00
ctr_drbg.c Streamline mbedtls_xxx_drbg_update_seed_file 2018-11-26 19:26:22 +01:00
debug.c Consistently use (type *) instead of (type*) for pointer conversion 2019-06-25 09:10:57 +01:00
des.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
dhm.c Allow DHM self test to run without MBEDTLS_PEM_PARSE_C 2019-05-30 10:58:12 +01:00
ecdh.c Fix mbedtls_ecdh_get_params with new ECDH context 2019-02-22 12:51:51 +01:00
ecdsa.c ECP restart: Don't calculate address of sub ctx if ctx is NULL 2019-07-19 14:56:09 +01:00
ecjpake.c Fix #2370, minor typos and spelling mistakes 2019-02-18 14:50:57 +00:00
ecp.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
ecp_curves.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
entropy.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
entropy_poll.c Add missing bracket 2018-11-06 13:12:47 +00:00
error.c Merge branch 'mbedtls-2.16' into baremetal-2.16-01_07_19 2019-07-01 11:25:42 +01:00
gcm.c Improve parameter validation in mbedtls_gcm_free() 2018-12-19 17:32:19 +01:00
havege.c Prevent building the HAVEGE module on platforms where it doesn't work 2019-06-17 15:12:51 +02:00
hkdf.c Fix issue if salt = NULL and salt_len !=0 in mbedtls_hkdf_extract() 2018-07-23 10:34:47 -07:00
hmac_drbg.c Streamline mbedtls_xxx_drbg_update_seed_file 2018-11-26 19:26:22 +01:00
Makefile Merge branch 'mbedtls-2.16' into baremetal-2.16-01_07_19 2019-07-01 11:25:42 +01:00
md.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
md2.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
md4.c Add more missing parentheses around macro parameters 2019-04-24 10:52:53 +02:00
md5.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
md_wrap.c New MD API: rename functions from _ext to _ret 2018-01-22 11:54:42 +01:00
memory_buffer_alloc.c Fix braces in mbedtls_memory_buffer_alloc_status() 2018-06-12 16:56:04 +01:00
net_sockets.c Merge remote-tracking branch 'restricted/pr/608' into baremetal-proposed 2019-07-03 10:31:46 +02:00
nist_kw.c Remove faulty cipher_finish calls from nist_kw 2018-12-20 12:15:40 +01:00
oid.c Address review comments 2019-06-18 11:05:44 +01:00
padlock.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pem.c Clear pk context and other minor changes in *_free() procedures 2018-06-12 18:25:09 +03:00
pk.c Merge remote-tracking branch 'public/pr/1721' into development-restricted 2018-12-20 12:37:13 +00:00
pk_wrap.c Fix or improve some comments (and whitespace) 2018-10-15 15:27:49 +02:00
pkcs5.c Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C 2018-10-16 13:39:40 +01:00
pkcs11.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pkcs12.c Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C 2018-10-16 13:39:40 +01:00
pkparse.c Fix unused variable warnings in pkparse.c 2019-06-18 11:31:59 +02:00
pkwrite.c PK parse/write: support keylen=0 correctly 2018-12-19 17:03:28 +01:00
platform.c Omit runtime configuration of calloc/free if macro config enabled 2018-10-11 11:04:20 +01:00
platform_util.c Remove the library provided function of MBEDTLS_PARAM_FAILED 2018-12-11 12:28:56 +01:00
poly1305.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
ripemd160.c Improve macro hygiene 2019-04-24 10:51:54 +02:00
rsa.c Merge remote-tracking branch 'public/pr/1721' into development-restricted 2018-12-20 12:37:13 +00:00
rsa_internal.c Bignum: Deprecate mbedtls_mpi_is_prime() 2018-10-09 16:36:53 +01:00
sha1.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
sha256.c Add further missing brackets around macro parameters 2019-04-24 10:52:45 +02:00
sha512.c Add more missing parentheses around macro parameters 2019-04-24 10:52:53 +02:00
ssl_cache.c Remove ciphersuite from SSL session if single suite hardcoded 2019-07-08 11:23:24 +01:00
ssl_ciphersuites.c Restore static inline qualif'n of some helpers in ssl_ciphersuites.h 2019-07-08 11:23:25 +01:00
ssl_cli.c Use separate functions to pend fatal and non-fatal alerts 2019-07-24 13:45:35 +01:00
ssl_cookie.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00
ssl_srv.c Use separate functions to pend fatal and non-fatal alerts 2019-07-24 13:45:35 +01:00
ssl_ticket.c Move session save/load function to ssl_tls.c 2019-06-03 09:51:08 +02:00
ssl_tls.c Check for sufficient datagram size in ssl_parse_record_header() 2019-08-01 09:51:51 +02:00
threading.c Don't declare and define gmtime()-mutex on Windows platforms 2018-09-06 12:09:56 +01:00
timing.c timing: Remove redundant include file 2019-06-20 16:33:02 +01:00
version.c Fix missing void argument declarations #678 2016-11-04 23:05:56 +01:00
version_features.c Update version_features.c 2019-07-30 16:33:40 +03:00
x509.c Move def'n of X.509 time-verif funcs to hdr if no time available 2019-07-04 14:03:26 +01:00
x509_create.c Move declarations of internal X.509 functions to separate header 2019-06-25 09:10:57 +01:00
x509_crl.c Move declarations of internal X.509 functions to separate header 2019-06-25 09:10:57 +01:00
x509_crt.c Introduce MBEDTLS_X509_CRT_REMOVE_SUBJECT_ISSUER_ID removing IDs 2019-07-04 14:04:03 +01:00
x509_csr.c Move declarations of internal X.509 functions to separate header 2019-06-25 09:10:57 +01:00
x509write_crt.c Move declarations of internal X.509 functions to separate header 2019-06-25 09:10:57 +01:00
x509write_csr.c Move declarations of internal X.509 functions to separate header 2019-06-25 09:10:57 +01:00
xtea.c Rename mbedtls_zeroize to mbedtls_platform_zeroize 2018-04-17 10:00:21 -05:00