TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-05 20:15:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add 1 to tmp buf size in x509_ocsp_info_certs()

Browse Source 
Add 1 to a temporary buffer in x509_ocsp_info_certs() which is used to
construct the printing prefix to write an informational string of the
OCSP response for the user. The additional element added to the buffer
contains the \0 character. The missing element would cause a heap
overread of 1 when concatenating the prefix string with itself.
This commit is contained in:
Andres Amaya Garcia
2017-08-29 17:31:00 +01:00
committed by Andres Amaya Garcia
parent 7bdac59ad7
commit e8dc64cbf5
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
library/x509_ocsp.c
View File

@@ -1393,7 +1393,7 @@ static int x509_ocsp_info_certs( char **buf, size_t *size, const char *prefix,
return( MBEDTLS_ERR_X509_ALLOC_FAILED );
/* Allocate a new buffer that will contain the prefix string twice */
double_prefix = mbedtls_calloc( 1, prefix_len * 2 );
double_prefix = mbedtls_calloc( 1, prefix_len * 2 + 1 );
if( double_prefix == NULL )
return( MBEDTLS_ERR_X509_ALLOC_FAILED );