Fix buffer overread in mbedtls_x509_get_time()

A heap overread might happen when parsing malformed certificates.
Reported by Peng Li and Yueh-Hsun Lin.

Refactoring the parsing fixes the problem. This commit applies the
relevant part of the OpenVPN contribution applied to mbed TLS 1.3
in commit 17da9dd82931abdf054a01c466bce45e7d12b742.
Janos Follath 2017-02-03 12:36:59 +00:00 committed by Simon Butcher
parent ea7054a00c
commit 87c980749d
2 changed files with 88 additions and 51 deletions

@ -40,6 +40,8 @@ Bugfix
cause buffer bound checks to be bypassed. Found by Eyal Itkin.
* Fixed potential arithmetic overflow in mbedtls_base64_decode() that could
cause buffer bound checks to be bypassed. Found by Eyal Itkin.
* Fixed heap overreads in mbedtls_x509_get_time(). Found by Peng
Li/Yueh-Hsun Lin, KNOX Security, Samsung Research America.
= mbed TLS 2.4.1 branch released 2016-12-13
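Review bot: The new mbedtls_x509_get_time() entry is filed under the Bugfix heading shown in the hunk header, yet it describes heap overreads that the commit message ties to parsing malformed certificates, which is untrusted input. If this ChangeLog keeps a separate section for security fixes, the entry belongs there. The entry should also state the trigger, for example "when parsing malformed certificates", so that readers can judge their exposure from the ChangeLog alone. The credit line is also longer than the one in the commit message ("Peng Li and Yueh-Hsun Lin"); keeping the two consistent avoids confusion when the fix is backported.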