espressif/mbedtls
1
0
Fork 0
mirror of https://github.com/espressif/mbedtls.git synced 2025-06-11 13:27:03 +08:00
Code Issues Packages Projects Releases Wiki Activity
mbedtls/library
History
Andrzej Kurek acf7f2ce93 Guard from undefined behaviour in case of an INT_MAX max_pathlen 
When parsing a certificate with the basic constraints extension
the max_pathlen that was read from it was incremented regardless
of its value. However, if the max_pathlen is equal to INT_MAX (which
is highly unlikely), an undefined behaviour would occur.
This commit adds a check to ensure that such value is not accepted
as valid. Relevant tests for INT_MAX and INT_MAX-1 are also introduced.
Certificates added in this commit were generated using the
test_suite_x509write, function test_x509_crt_check. Input data taken
from the "Certificate write check Server1 SHA1" test case, so the generated
files are like the "server1.crt", but with the "is_ca" field set to 1 and
max_pathlen as described by the file name.

Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Signed-off-by: Piotr Nowicki <piotr.nowicki@arm.com>
2020-04-17 11:29:20 +02:00
..
.gitignore
Split libs with make + general make cleanups
2015-06-25 10:59:56 +02:00
aes.c
Zeroize local AES variables before exiting the function
2019-11-12 03:34:03 -05:00
aesni.c
Warn if using a memory sanitizer on AESNI
2018-04-05 15:37:38 +02:00
arc4.c
Rename mbedtls_zeroize to mbedtls_platform_zeroize
2018-04-17 10:00:21 -05:00
aria.c
Implement parameter validation for ARIA module
2018-12-19 12:51:00 +00:00
asn1parse.c
Rename mbedtls_zeroize to mbedtls_platform_zeroize
2018-04-17 10:00:21 -05:00
asn1write.c
Fix ASN1 bitstring writing
2019-02-11 21:13:33 +00:00
base64.c
Add comment to integer overflow fix in base64.c
2017-02-15 23:31:07 +02:00
bignum.c
Minor comment improvement
2020-02-03 16:21:31 +01:00
blowfish.c
Implement parameter validation for Blowfish module
2018-12-19 12:52:59 +00:00
camellia.c
Minor improvements to Camellia module and documentation
2018-12-19 13:42:05 +00:00
ccm.c
Improve macro hygiene
2019-04-24 10:51:54 +02:00
certs.c
Update certificates to expire in 2029
2019-07-10 18:35:10 +03:00
chacha20.c
Improve macro hygiene
2019-04-24 10:51:54 +02:00
chachapoly.c
Fix wrong conditional in free() functions
2018-12-18 15:30:30 +00:00
cipher_wrap.c
Fix after PR comments
2018-07-23 18:18:32 +01:00
cipher.c
Remove redundant block_size validity check
2020-01-27 15:16:16 +01:00
cmac.c
Merge remote-tracking branch 'public/pr/1390' into development
2018-06-27 10:51:47 +01:00
CMakeLists.txt
Bump version to Mbed TLS 2.16.6
2020-04-08 17:17:27 +01:00
ctr_drbg.c
Merge remote-tracking branch 'origin/mbedtls-2.16' into mbedtls-2.16-restricted
2020-01-15 16:59:41 +00:00
debug.c
Merge remote-tracking branch 'origin/pr/1818' into mbedtls-2.16
2019-03-05 16:28:18 +00:00
des.c
Improve macro hygiene
2019-04-24 10:51:54 +02:00
dhm.c
Allow DHM self test to run without MBEDTLS_PEM_PARSE_C
2019-05-30 10:58:12 +01:00
ecdh.c
Fix mbedtls_ecdh_get_params with new ECDH context
2019-02-22 12:51:51 +01:00
ecdsa.c
Fix incrementing pointer instead of value
2020-01-24 12:35:47 +01:00
ecjpake.c
Fix handling of md failure
2019-07-08 15:44:18 +02:00
ecp_curves.c
Improve macro hygiene
2019-04-24 10:51:54 +02:00
ecp.c
Fix leakage of projective coordinates in ECC
2020-04-01 11:02:18 +02:00
entropy_poll.c
Add missing bracket
2018-11-06 13:12:47 +00:00
entropy.c
Rename mbedtls_zeroize to mbedtls_platform_zeroize
2018-04-17 10:00:21 -05:00
error.c
Fix #2370, minor typos and spelling mistakes
2019-02-18 14:50:57 +00:00
gcm.c
Improve parameter validation in mbedtls_gcm_free()
2018-12-19 17:32:19 +01:00
havege.c
Prevent building the HAVEGE module on platforms where it doesn't work
2019-06-17 15:12:51 +02:00
hkdf.c
Fix issue if salt = NULL and salt_len !=0 in mbedtls_hkdf_extract()
2018-07-23 10:34:47 -07:00
hmac_drbg.c
HMAC_DRBG: support set_entropy_len() before seed()
2019-10-23 18:00:03 +02:00
Makefile
Fix #2370, minor typos and spelling mistakes
2019-02-18 14:50:57 +00:00
md2.c
Rename mbedtls_zeroize to mbedtls_platform_zeroize
2018-04-17 10:00:21 -05:00
md4.c
Add more missing parentheses around macro parameters
2019-04-24 10:52:53 +02:00
md5.c
Add further missing brackets around macro parameters
2019-04-24 10:52:45 +02:00
md_wrap.c
New MD API: rename functions from _ext to _ret
2018-01-22 11:54:42 +01:00
md.c
Rename mbedtls_zeroize to mbedtls_platform_zeroize
2018-04-17 10:00:21 -05:00
memory_buffer_alloc.c
Fix braces in mbedtls_memory_buffer_alloc_status()
2018-06-12 16:56:04 +01:00
net_sockets.c
net_sockets: Fix typo in net_would_block()
2019-06-20 16:33:02 +01:00
nist_kw.c
Remove faulty cipher_finish calls from nist_kw
2018-12-20 12:15:40 +01:00
oid.c
Improve macro hygiene
2019-04-24 10:51:54 +02:00
padlock.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pem.c
Clear pk context and other minor changes in *_free() procedures
2018-06-12 18:25:09 +03:00
pk_wrap.c
Fix or improve some comments (and whitespace)
2018-10-15 15:27:49 +02:00
pk.c
Merge remote-tracking branch 'public/pr/1721' into development-restricted
2018-12-20 12:37:13 +00:00
pkcs5.c
Guard mbedtls_pkcs5_pbes2() by MBEDTLS_ASN1_PARSE_C
2018-10-16 13:39:40 +01:00
pkcs11.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkcs12.c
Make PBE-related parts of PKCS12 depend on MBEDTLS_ASN1_PARSE_C
2018-10-16 13:39:40 +01:00
pkparse.c
Fix pkparse bug wrt MBEDTLS_RSA_ALT
2020-02-18 10:49:06 +01:00
pkwrite.c
Merge remote-tracking branch 'upstream-restricted/pr/503' into mbedtls-2.16-restricted
2019-08-14 16:39:24 +02:00
platform_util.c
Check for zero length and NULL buffer pointer
2019-09-04 11:19:38 +01:00
platform.c
Omit runtime configuration of calloc/free if macro config enabled
2018-10-11 11:04:20 +01:00
poly1305.c
Improve macro hygiene
2019-04-24 10:51:54 +02:00
ripemd160.c
Improve macro hygiene
2019-04-24 10:51:54 +02:00
rsa_internal.c
Bignum: Deprecate mbedtls_mpi_is_prime()
2018-10-09 16:36:53 +01:00
rsa.c
Parse RSA parameters DP, DQ and QP from PKCS1 private keys
2020-01-29 13:09:55 -05:00
sha1.c
Add further missing brackets around macro parameters
2019-04-24 10:52:45 +02:00
sha256.c
Add further missing brackets around macro parameters
2019-04-24 10:52:45 +02:00
sha512.c
Add more missing parentheses around macro parameters
2019-04-24 10:52:53 +02:00
ssl_cache.c
Address PR review comments
2017-10-29 17:53:52 +02:00
ssl_ciphersuites.c
Reduce priority of 3DES ciphersuites
2019-03-01 10:29:13 +01:00
ssl_cli.c
Parse HelloVerifyRequest: avoid buffer overread at the start
2019-11-21 14:09:49 +01:00
ssl_cookie.c
Rename mbedtls_zeroize to mbedtls_platform_zeroize
2018-04-17 10:00:21 -05:00
ssl_srv.c
Fix #2370, minor typos and spelling mistakes
2019-02-18 14:50:57 +00:00
ssl_ticket.c
Indentation fix
2018-10-25 16:07:16 +01:00
ssl_tls.c
Improve debug logging of client hard reconnect
2020-03-31 12:32:38 +02:00
threading.c
Don't declare and define gmtime()-mutex on Windows platforms
2018-09-06 12:09:56 +01:00
timing.c
timing: Remove redundant include file
2019-06-20 16:33:02 +01:00
version_features.c
Move MBEDTLS_CTR_DRBG_USE_128_BIT_KEY to the correct section
2019-10-04 11:21:25 +02:00
version.c
Fix missing void argument declarations #678
2016-11-04 23:05:56 +01:00
x509_create.c
Break overly long line in library/x509_create.c
2018-11-02 10:52:38 +00:00
x509_crl.c
Always return a high-level error code from X.509 module
2019-06-04 14:01:10 +01:00
x509_crt.c
Guard from undefined behaviour in case of an INT_MAX max_pathlen
2020-04-17 11:29:20 +02:00
x509_csr.c
Fix CSR parsing header call
2018-10-07 17:48:37 +01:00
x509.c
Correct comment on the configuration option in x509.c
2020-03-28 00:35:49 +00:00
x509write_crt.c
Change size of preallocated buffer for pk_sign() calls
2019-06-06 13:13:26 +02:00
x509write_csr.c
Add missing return code check on call to mbedtls_md()
2020-01-22 18:59:37 +01:00
xtea.c
Rename mbedtls_zeroize to mbedtls_platform_zeroize
2018-04-17 10:00:21 -05:00