TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-09 05:47:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
be75866fb37a79302dc4ebe2f273ea4ffb2d6b84
mbedtls/library
History
Hanno Becker bab079e85e Fix bounds check in ssl_parse_server_psk_hint() 
In the previous bounds check `(*p) > end - len`, the computation
of `end - len` might underflow if `end` is within the first 64KB
of the address space (note that the length `len` is controlled by
the peer). In this case, the bounds check will be bypassed, leading
to `*p` exceed the message bounds by up to 64KB when leaving
`ssl_parse_server_psk_hint()`. In a pure PSK-based handshake,
this doesn't seem to have any consequences, as `*p*` is not accessed
afterwards. In a PSK-(EC)DHE handshake, however, `*p` is read from
in `ssl_parse_server_ecdh_params()` and `ssl_parse_server_dh_params()`
which might lead to an application crash of information leakage.
2018-10-08 13:55:30 +01:00
..
.gitignore
Split libs with make + general make cleanups
2015-06-25 10:59:56 +02:00
aes.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
aesni.c
Fix build errors on x32 by using the generic 'add' instruction
2018-01-29 21:54:26 +01:00
arc4.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
asn1parse.c
Fix 1 byte overread in mbedtls_asn1_get_int()
2016-10-12 17:45:29 +01:00
asn1write.c
Fix multiple quality issues in the source
2018-06-22 11:22:44 +01:00
base64.c
Add comment to integer overflow fix in base64.c
2017-02-20 21:51:18 +00:00
bignum.c
Merge remote-tracking branch 'upstream-restricted/pr/360' into mbedtls-2.1-restricted-proposed
2018-03-13 17:26:49 +01:00
blowfish.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
camellia.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ccm.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
certs.c
Fix 2.1-specific remaining MD/PK depend issues
2018-03-13 11:53:48 +01:00
cipher_wrap.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
cipher.c
Move definition of MBEDTLS_CIPHER_MODE_STREAM
2018-06-28 08:49:25 +03:00
CMakeLists.txt
Update library version number to 2.1.15
2018-08-31 16:10:48 +01:00
ctr_drbg.c
Zeroize tmp buf in ctr_drbg_write_seed_file()
2017-07-11 17:31:02 +01:00
debug.c
Fix compilation error with Mingw32
2018-01-22 19:06:57 +02:00
des.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
dhm.c
Merge remote-tracking branch 'upstream-restricted/pr/406' into mbedtls-2.1-restricted
2017-11-28 16:19:19 +01:00
ecdh.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ecdsa.c
Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
2018-03-30 18:51:14 +02:00
ecp_curves.c
ECP: Prevent freeing a buffer on stack
2017-02-28 18:56:35 +00:00
ecp.c
Fix memory leak in ecp_mul_comb() if ecp_precompute_comb() fails
2018-07-26 11:09:37 +03:00
entropy_poll.c
Fix MSan build without MBEDTLS_TIMING_C
2018-06-01 18:38:53 +02:00
entropy.c
Merge branch 'pr_1276' into mbedtls-2.1-proposed
2018-03-12 23:51:01 +01:00
error.c
Update error.c
2018-03-30 18:51:31 +02:00
gcm.c
Backport 2.1: check if iv is zero in gcm.
2017-07-20 00:30:44 +02:00
havege.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
hmac_drbg.c
Zeroize tmp bufs in hmac_drbg.c functions
2017-07-11 17:22:03 +01:00
Makefile
Merge remote-tracking branch 'upstream-public/pr/1501' into mbedtls-2.1-proposed
2018-04-01 12:41:33 +02:00
md2.c
Fix integer overflows in buffer bound checks
2017-02-20 21:49:01 +00:00
md4.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md5.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:20:33 +02:00
md_wrap.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md.c
Zeroize tmp buf in mbedtls_md_file() md.c
2017-07-11 17:19:30 +01:00
memory_buffer_alloc.c
Fix braces in mbedtls_memory_buffer_alloc_status()
2018-04-17 16:46:41 +02:00
net.c
Fix multiple quality issues in the source
2018-06-22 11:22:44 +01:00
oid.c
pkcs5v2: add support for additional hmacSHA algorithms
2018-02-14 11:12:58 +01:00
padlock.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pem.c
Merge remote-tracking branch 'upstream-public/pr/1009' into mbedtls-2.1-proposed
2018-03-12 23:44:48 +01:00
pk_wrap.c
Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH
2018-03-30 18:51:14 +02:00
pk.c
Change PK module preprocessor check on word size
2017-08-04 13:43:07 +01:00
pkcs5.c
Treat warnings as errors for IAR
2018-06-14 08:48:49 +01:00
pkcs11.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkcs12.c
Fix stack buffer overflow in pkcs12
2015-09-28 19:47:50 +02:00
pkparse.c
Fix parsing of PKCS#8 encoded Elliptic Curve keys.
2018-03-22 18:03:30 -07:00
pkwrite.c
Fix other occurrences of same bounds check issue
2015-11-02 10:43:03 +09:00
platform.c
Fix compilation error with Mingw32
2018-01-22 19:06:57 +02:00
ripemd160.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
rsa.c
Merge remote-tracking branch 'upstream-restricted/pr/360' into mbedtls-2.1-restricted-proposed
2018-03-13 17:26:49 +01:00
sha1.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:20:33 +02:00
sha256.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:20:33 +02:00
sha512.c
Fix Lucky 13 cache attack on MD/SHA padding
2018-07-12 10:20:33 +02:00
ssl_cache.c
Address PR review comments
2017-10-30 18:11:38 +02:00
ssl_ciphersuites.c
Undo API change
2017-06-20 19:33:51 +01:00
ssl_cli.c
Fix bounds check in ssl_parse_server_psk_hint()
2018-10-08 13:55:30 +01:00
ssl_cookie.c
Backport 2.1:Resource leak in ssl_cookie and mutex
2017-03-02 21:11:16 +00:00
ssl_srv.c
Merge remote-tracking branch 'upstream-public/pr/1815' into mbedtls-2.1
2018-08-10 11:00:40 +01:00
ssl_ticket.c
Fix bug in SSL ticket implementation removing keys of age < 1s
2018-08-22 15:05:07 +01:00
ssl_tls.c
Merge remote-tracking branch 'restricted/pr/438' into mbedtls-2.1-restricted
2018-08-28 15:35:41 +01:00
threading.c
Do not define and initialize global mutexes on configurations that do not use them.
2018-03-21 15:32:47 +00:00
timing.c
Fix alarm(0) failure on mingw32
2018-01-29 13:23:40 +01:00
version_features.c
Adapt version_features.c
2018-02-22 16:18:07 +01:00
version.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
x509_create.c
Fix other occurrences of same bounds check issue
2015-11-02 10:43:03 +09:00
x509_crl.c
x509: CRL: reject unsupported critical extensions
2018-03-14 09:28:24 +01:00
x509_crt.c
Merge remote-tracking branch 'restricted/pr/497' into mbedtls-2.1-restricted
2018-08-28 15:31:41 +01:00
x509_csr.c
Merge remote-tracking branch 'public/pr/1771' into mbedtls-2.1
2018-06-28 11:38:18 +01:00
x509.c
x509.c: Remove unused includes
2018-07-02 12:17:44 +01:00
x509write_crt.c
Use X509 CRT version macros for version checks in x509write_crt_der
2017-10-04 14:52:21 +01:00
x509write_csr.c
Minor style and typo corrections
2017-10-04 14:51:32 +01:00
xtea.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00