Merge pull request #734 from gilles-peskine-arm/x509parse_crl-empty_entry-2.16

Backport 2.16: Fix buffer overflow in x509_get_entries (oss-fuzz 24123)
Gilles Peskine 2020-08-14 23:22:23 +02:00 committed by GitHub
commit 4ca60502d8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 55 additions and 1 deletions


@ -285,13 +285,13 @@ static int x509_get_entries( unsigned char **p,
size_t len2;
const unsigned char *end2;
cur_entry->raw.tag = **p;
if( ( ret = mbedtls_asn1_get_tag( p, end, &len2,
MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 )
{
return( ret );
}
cur_entry->raw.tag = **p;
cur_entry->raw.p = *p;
cur_entry->raw.len = len2;
end2 = *p + len2;
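Review bot: The `cur_entry->raw.tag = **p;` that precedes `mbedtls_asn1_get_tag()` dereferences `*p` before any bounds check visible in this hunk, so it is safe only if the enclosing loop, which starts outside the hunk, guarantees `*p < end`; that dependency deserves a comment. The page has lost its +/- markers, but the title and the branch name (empty entry) suggest this earlier read is the new side: after the call `*p` points at the entry's content, which for a zero-length entry at the very end of the CRL is one byte past the buffer. I would add above the assignment `/* Read the tag before the header is consumed: afterwards *p may equal end for an empty entry. Relies on *p < end here. */`. With the read in this position `raw.tag` holds the entry's own SEQUENCE tag rather than the tag of its first element, which is a visible change for any caller that inspects it and is worth a line in the changelog if it is not already there.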