Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2025-12-21 21:36:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix stack buffer overflow in net functions with large file descriptor

Browse source 
Fix a stack buffer overflow with mbedtls_net_poll() and
mbedtls_net_recv_timeout() when given a file descriptor that is beyond
FD_SETSIZE. The bug was due to not checking that the file descriptor
is within the range of an fd_set object.

Fix #4169

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2021-02-24 19:49:44 +01:00
parent b01ce91745
commit f604240b1b
2 changed files with 18 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
ChangeLog.d/net_poll-fd_setsize.txt Normal file
View file

@ -0,0 +1,4 @@
Security
* Fix a stack buffer overflow with mbedtls_net_poll() and
mbedtls_net_recv_timeout() when given a file descriptor that is
beyond FD_SETSIZE. Reported by FigBug in #4169.