TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-13 23:51:38 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
bd76de27ac3b6b0dc3c44a34888f4be5f408167a
mbedtls/library
History
Hanno Becker 63c706f429 Fix bounds check in ssl_parse_server_psk_hint() 
In the previous bounds check `(*p) > end - len`, the computation
of `end - len` might underflow if `end` is within the first 64KB
of the address space (note that the length `len` is controlled by
the peer). In this case, the bounds check will be bypassed, leading
to `*p` exceed the message bounds by up to 64KB when leaving
`ssl_parse_server_psk_hint()`. In a pure PSK-based handshake,
this doesn't seem to have any consequences, as `*p*` is not accessed
afterwards. In a PSK-(EC)DHE handshake, however, `*p` is read from
in `ssl_parse_server_ecdh_params()` and `ssl_parse_server_dh_params()`
which might lead to an application crash of information leakage.
2018-10-08 13:53:51 +01:00
..
.gitignore
Split libs with make + general make cleanups
2015-06-25 10:59:56 +02:00
aes.c
Add missing MBEDTLS_DEPRECATED_REMOVED guards
2018-02-21 19:16:20 +01:00
aesni.c
Fix build errors on x32 by using the generic 'add' instruction
2016-05-23 14:29:28 +01:00
arc4.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
asn1parse.c
Fix 1 byte overread in mbedtls_asn1_get_int()
2016-10-13 13:54:14 +01:00
asn1write.c
Merge remote-tracking branch 'public/pr/1655' into mbedtls-2.7
2018-06-12 17:40:08 +01:00
base64.c
Add comment to integer overflow fix in base64.c
2017-02-15 23:31:07 +02:00
bignum.c
Minor fixes
2018-03-09 10:48:12 +00:00
blowfish.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
camellia.c
Address user reported coverity issues.
2016-06-07 14:52:35 +01:00
ccm.c
enforce input and output of ccm selftest on stack
2018-07-30 11:43:08 +03:00
certs.c
Undo API change from SHA1 deprecation
2017-07-27 21:44:33 +01:00
cipher_wrap.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
cipher.c
Move definition of MBEDTLS_CIPHER_MODE_STREAM
2018-06-28 08:44:47 +03:00
cmac.c
Merge remote-tracking branch 'public/pr/1390' into mbedtls-2.7
2018-06-27 11:11:34 +01:00
CMakeLists.txt
Update library version number to 2.7.6
2018-08-31 16:07:23 +01:00
ctr_drbg.c
ctr_drbg: Typo fix in the file description comment.
2018-02-10 11:11:41 +02:00
debug.c
Fix compilation error with Mingw32
2017-09-06 17:51:14 +03:00
des.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
dhm.c
Merge remote-tracking branch 'upstream-restricted/pr/410' into development-restricted
2018-01-26 18:43:04 +00:00
ecdh.c
Address PR cpomments reviews
2017-10-10 19:04:27 +03:00
ecdsa.c
Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
2018-03-30 18:43:16 +02:00
ecjpake.c
Fix multiple quality issues in the source
2018-06-08 11:14:43 +01:00
ecp_curves.c
ECP: Add module and function level replacement options.
2017-05-11 22:42:14 +01:00
ecp.c
Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails
2018-07-26 11:08:06 +03:00
entropy_poll.c
Renames null entropy source function for clarity
2016-06-12 00:31:33 +01:00
entropy.c
Merge branch 'development' into development-restricted
2018-01-25 17:28:31 +00:00
error.c
Update error.c
2018-03-30 18:52:10 +02:00
gcm.c
Merge remote-tracking branch 'upstream-public/pr/964' into development
2018-01-02 16:24:29 +01:00
havege.c
Fixes warnings found by Clang static analyser
2016-05-23 23:18:26 +01:00
hmac_drbg.c
Zeroize tmp bufs in hmac_drbg.c functions
2017-06-26 10:22:24 +01:00
Makefile
Merge remote-tracking branch 'upstream-public/pr/1500' into mbedtls-2.7-proposed
2018-04-01 12:41:29 +02:00
md2.c
MD: Make deprecated functions not inline
2018-02-22 08:20:42 +00:00
md4.c
MD: Make deprecated functions not inline
2018-02-22 08:20:42 +00:00
md5.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:18:37 +02:00
md_wrap.c
New MD API: rename functions from _ext to _ret
2018-01-22 11:54:42 +01:00
md.c
Merge branch 'development' into development-restricted
2018-01-25 17:28:31 +00:00
memory_buffer_alloc.c
Fix braces in mbedtls_memory_buffer_alloc_status()
2018-05-23 16:32:33 +01:00
net_sockets.c
Merge remote-tracking branch 'public/pr/1711' into mbedtls-2.7
2018-06-14 11:01:14 +01:00
oid.c
pkcs5v2: add support for additional hmacSHA algorithms
2018-02-08 17:18:15 +08:00
padlock.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pem.c
Merge remote-tracking branch 'upstream-public/pr/778' into mbedtls-2.7-proposed
2018-03-12 23:44:56 +01:00
pk_wrap.c
Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
2018-03-30 18:43:16 +02:00
pk.c
Change PK module preprocessor check on word size
2017-08-04 13:32:15 +01:00
pkcs5.c
Treat warnings as errors for IAR
2018-05-25 14:58:33 +01:00
pkcs11.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkcs12.c
Shut up a few clang-analyze warnings about use of uninitialized variables
2016-05-23 14:29:28 +01:00
pkparse.c
Remove unnecessary mark as unused #1098 (backport)
2018-07-20 14:08:02 +02:00
pkwrite.c
Adapt PK test suite to use new interface
2017-08-23 16:17:27 +01:00
platform.c
Merge remote-tracking branch 'upstream-public/pr/1079' into mbedtls-2.7-proposed
2018-03-11 00:48:17 +01:00
ripemd160.c
MD: Make deprecated functions not inline
2018-02-22 08:20:42 +00:00
rsa_internal.c
Add explicit type cast to avoid truncation warning
2018-01-03 09:27:40 +00:00
rsa.c
Merge tag 'mbedtls-2.7.2' into iotssl-1381-x509-verify-refactor-2.7-restricted
2018-03-23 02:12:44 +01:00
sha1.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:18:37 +02:00
sha256.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:18:37 +02:00
sha512.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:18:37 +02:00
ssl_cache.c
Address PR review comments
2017-10-29 17:53:52 +02:00
ssl_ciphersuites.c
Add ecc extensions only if ecc ciphersuite is used
2018-06-28 15:49:34 +03:00
ssl_cli.c
Fix bounds check in ssl_parse_server_psk_hint()
2018-10-08 13:53:51 +01:00
ssl_cookie.c
Fix resource leak when using mutex and ssl_cookie
2017-03-02 12:26:11 +00:00
ssl_srv.c
Merge remote-tracking branch 'upstream-public/pr/1814' into mbedtls-2.7
2018-08-10 11:01:29 +01:00
ssl_ticket.c
Fix bug in SSL ticket implementation removing keys of age < 1s
2018-08-22 14:58:31 +01:00
ssl_tls.c
Merge remote-tracking branch 'restricted/pr/437' into mbedtls-2.7-restricted
2018-08-28 15:34:28 +01:00
threading.c
Do not define and initialize global mutexes on configurations that do not use them.
2018-03-21 15:13:08 +00:00
timing.c
Fix alarm(0) failure on mingw32
2018-01-29 10:24:50 +01:00
version_features.c
Merge branch 'prr_424' into mbedtls-2.7-proposed
2018-02-22 16:07:32 +01:00
version.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
x509_create.c
Fix other occurrences of same bounds check issue
2015-10-21 12:50:45 +02:00
x509_crl.c
x509: CRL: reject unsupported critical extensions
2018-03-14 09:24:12 +01:00
x509_crt.c
Merge remote-tracking branch 'restricted/pr/498' into mbedtls-2.7-restricted
2018-08-28 15:29:55 +01:00
x509_csr.c
Coding style
2018-06-22 11:45:38 +01:00
x509.c
x509.c: Remove unused includes
2018-07-02 12:13:26 +01:00
x509write_crt.c
New MD API: rename functions from _ext to _ret
2018-01-22 11:54:42 +01:00
x509write_csr.c
Clarify code-paths in x509write_csr and x509write_crt
2017-09-22 16:05:43 +01:00
xtea.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00