Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-01-07 15:09:28 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix possible client crash on API misuse

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-09-03 10:44:32 +02:00
parent 14d800507a
commit 7f2f062a5d
2 changed files with 23 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
ChangeLog
View file

@ -6,6 +6,11 @@ Features
* Added support for yotta as a build system.
* Primary open source license changed to Apache 2.0 license.
Security
* Fix possible client-side NULL pointer dereference (read) when the client
tries to continue the handshake after it failed (a misuse of the API).
(Found by GDS Labs using afl-fuzz, patch provided by GDS Labs.)
Bugfix
* Fix segfault in the benchmark program when benchmarking DHM.
* Fix build error with CMake and pre-4.5 versions of GCC (found by Hugo