mbedtls/library at 87c980749df93058a4a19119192bdd76132c93e9 - mbedtls - Gitea: Git with a cup of tea

mirror/mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-31 10:20:45 +00:00

History

Janos Follath 87c980749d Fix buffer overread in mbedtls_x509_get_time()

A heap overread might happen when parsing malformed certificates.
Reported by Peng Li and Yueh-Hsun Lin.

Refactoring the parsing fixes the problem. This commit applies the
relevant part of the OpenVPN contribution applied to mbed TLS 1.3
in commit 17da9dd82931abdf054a01c466bce45e7d12b742.

2017-02-28 14:23:12 +00:00

..

.gitignore

Split libs with make + general make cleanups

2015-06-25 10:59:56 +02:00

aes.c

Fix unused variable in AES selftest when CBC and CFB disabled (#393 )

2016-06-22 16:48:16 +01:00

aesni.c

Fix build errors on x32 by using the generic 'add' instruction

2016-05-23 14:29:28 +01:00

arc4.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

asn1parse.c

Fix 1 byte overread in mbedtls_asn1_get_int()

2016-10-13 13:54:14 +01:00

asn1write.c

Add mbedtls_asn1_write_len() support for 3 and 4 byte lengths

2016-08-25 15:42:27 +01:00

base64.c

Add comment to integer overflow fix in base64.c

2017-02-15 23:31:07 +02:00

bignum.c

Adds additional casts to calloc calls

2016-05-23 14:29:33 +01:00

blowfish.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

camellia.c

Address user reported coverity issues.

2016-06-07 14:52:35 +01:00

ccm.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

certs.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

cipher_wrap.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

cipher.c

Fix integer overflows in buffer bound checks

2017-02-15 23:31:07 +02:00

cmac.c

Update CMAC test vectors.

2017-02-15 22:55:30 +02:00

CMakeLists.txt

Update library version number to 2.4.1

2017-02-15 22:55:55 +02:00

ctr_drbg.c

Fix integer overflows in buffer bound checks

2017-02-15 23:31:07 +02:00

debug.c

Fix compiler warning in debug.c

2017-02-15 09:08:26 +00:00

des.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

dhm.c

Corrected references for RSA and DHM

2016-01-20 00:44:42 +00:00

ecdh.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

ecdsa.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

ecjpake.c

Fix potential stack buffer overflow in ecjpake

2015-10-20 16:20:56 +02:00

ecp_curves.c

Fix macroization of inline in C++

2015-10-05 11:41:36 +01:00

ecp.c

Address user reported coverity issues.

2016-06-07 14:52:35 +01:00

entropy_poll.c

Renames null entropy source function for clarity

2016-06-12 00:31:33 +01:00

entropy.c

Fix unused variable warnings for null entropy config

2016-09-15 18:57:34 +01:00

error.c

Merge fix for IE Certificate Compatibility

2016-10-13 17:21:01 +01:00

gcm.c

Fix documentation for mbedtls_gcm_finish()

2016-10-13 13:54:47 +01:00

havege.c

Fixes warnings found by Clang static analyser

2016-05-23 23:18:26 +01:00

hmac_drbg.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

Makefile

Added cmac.o to libary/Makefile

2016-10-13 13:51:09 +01:00

md2.c

Fix integer overflows in buffer bound checks

2017-02-15 23:31:07 +02:00

md4.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

md5.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

md_wrap.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

md.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

memory_buffer_alloc.c

Fixes memory leak in memory_buffer_alloc.c debug

2016-05-23 14:29:29 +01:00

net_sockets.c

Fix formatting issues in net_sockets.c

2017-02-15 09:08:26 +00:00

oid.c

Removing in compile time unused entries from oid_ecp_grp list

2016-09-04 15:14:38 +01:00

padlock.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pem.c

Fix unused variable/function compilation warnings

2017-02-15 22:54:42 +02:00

pk_wrap.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pk.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pkcs5.c

Fix output of PKCS#5 and RIPEMD-160 self tests

2016-08-25 16:36:35 +01:00

pkcs11.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

pkcs12.c

Shut up a few clang-analyze warnings about use of uninitialized variables

2016-05-23 14:29:28 +01:00

pkparse.c

Clarify Comments and Fix Typos (#651 )

2017-02-15 09:08:26 +00:00

pkwrite.c

Fix other occurrences of same bounds check issue

2015-10-21 12:50:45 +02:00

platform.c

Fix various compiler warnings with MSVC

2017-02-15 09:08:26 +00:00

ripemd160.c

Fix output of PKCS#5 and RIPEMD-160 self tests

2016-08-25 16:36:35 +01:00

rsa.c

Restore P>Q in RSA key generation (#558 )

2016-10-13 13:54:48 +01:00

sha1.c

Adds casts to zeroize functions to allow building as C++

2016-05-23 14:29:32 +01:00

sha256.c

Use allocated memory for SHA self tests

2016-10-13 15:10:14 +01:00

sha512.c

Use allocated memory for SHA self tests

2016-10-13 15:10:14 +01:00

ssl_cache.c

Puts platform time abstraction into its own header

2016-07-13 14:46:18 +01:00

ssl_ciphersuites.c

Puts platform time abstraction into its own header

2016-07-13 14:46:18 +01:00

ssl_cli.c

Merge fix for IE Certificate Compatibility

2016-10-13 17:21:01 +01:00

ssl_cookie.c

Puts platform time abstraction into its own header

2016-07-13 14:46:18 +01:00

ssl_srv.c

Merge fix for IE Certificate Compatibility

2016-10-13 17:21:01 +01:00

ssl_ticket.c

Puts platform time abstraction into its own header

2016-07-13 14:46:18 +01:00

ssl_tls.c

Prevent SLOTH attacks

2017-02-15 23:29:32 +02:00

threading.c

Add safety check to sample mutex implementation

2016-10-13 13:51:07 +01:00

timing.c

Give better error messages for semi-portable parts

2016-02-22 10:47:32 +01:00

version_features.c

Merge fix for AEAD Random IVs

2016-10-14 00:48:33 +01:00

version.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00

x509_create.c

Fix other occurrences of same bounds check issue

2015-10-21 12:50:45 +02:00

x509_crl.c

Fix CRL parsing to avoid infinite loop

2017-01-19 16:43:48 +00:00

x509_crt.c

Merge branch 'iotssl-1071-ca-flags'

2017-02-27 19:06:05 +00:00

x509_csr.c

Fix unused variable/function compilation warnings

2017-02-15 22:54:42 +02:00

x509.c

Fix buffer overread in mbedtls_x509_get_time()

2017-02-28 14:23:12 +00:00

x509write_crt.c

Add missing bounds check in X509 DER write funcs

2016-10-11 14:07:48 +01:00

x509write_csr.c

Add missing bounds check in X509 DER write funcs

2016-10-11 14:07:48 +01:00

xtea.c

Change main license to Apache 2.0

2015-09-04 14:21:07 +02:00