Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-01-07 15:09:28 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #734 from gilles-peskine-arm/x509parse_crl-empty_entry-2.16

Browse source 
Backport 2.16: Fix buffer overflow in x509_get_entries (oss-fuzz 24123)
This commit is contained in:
Gilles Peskine 2020-08-14 23:22:23 +02:00 committed by GitHub
commit 4ca60502d8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 55 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
ChangeLog.d/x509parse_crl-empty_entry.txt Normal file
View file

@ -0,0 +1,4 @@
Security
* Fix a 1-byte buffer overread in mbedtls_x509_crl_parse_der().
Credit to OSS-Fuzz for detecting the problem and to Philippe Antoine
for pinpointing the problematic code.