mbedtls

mirror/mbedtls

Fork 0

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-09 07:09:39 +00:00

Commit Graph

Author	SHA1	Message	Date
Demi Marie Obenour	889534a4d2	Fix segfault in mbedtls_oid_get_numeric_string When passed an empty OID, mbedtls_oid_get_numeric_string would read one byte from the zero-sized buffer and return an error code that depends on its value. This is demonstrated by the test suite changes, which check that an OID with length zero and an invalid buffer pointer does not cause Mbed TLS to segfault. Also check that second and subsequent subidentifiers are terminated, and add a test case for that. Furthermore, stop relying on integer division by 40, use the same loop for both the first and subsequent subidentifiers, and add additional tests. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-03-16 01:06:41 -04:00
David Horstmann	21b8387929	Add ChangeLog for OID-to-string fixes Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-15 13:07:49 +00:00

Author

SHA1

Message

Date

Demi Marie Obenour

889534a4d2

Fix segfault in mbedtls_oid_get_numeric_string

When passed an empty OID, mbedtls_oid_get_numeric_string would read one
byte from the zero-sized buffer and return an error code that depends on
its value.  This is demonstrated by the test suite changes, which
check that an OID with length zero and an invalid buffer pointer does
not cause Mbed TLS to segfault.

Also check that second and subsequent subidentifiers are terminated, and
add a test case for that.  Furthermore, stop relying on integer division
by 40, use the same loop for both the first and subsequent
subidentifiers, and add additional tests.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>

2023-03-16 01:06:41 -04:00

David Horstmann

21b8387929

Add ChangeLog for OID-to-string fixes

Signed-off-by: David Horstmann <david.horstmann@arm.com>

2023-02-15 13:07:49 +00:00

2 Commits