TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b2ee6b432e5a05ac12399515fbce710ba03e5c3d
commitb2ee6b432e5a05ac12399515fbce710ba03e5c3d[log] [tgz]
authorHanno Becker <hanno.becker@arm.com>Mon Jun 26 13:52:14 2017 +0100
committerHanno Becker <hanno.becker@arm.com>Mon Jun 26 14:11:16 2017 +0100
tree0f58d31319cf01f039f786eb1aa272341f959d8c
parent8a2855ee3cf2fb3443e12233fcbbea4a9492b683 [diff]
Prevent bounds check bypass through overflow in PSK identity parsing

The check `if( *p + n > end )` in `ssl_parse_client_psk_identity` is
unsafe because `*p + n` might overflow, thus bypassing the check. As
`n` is a user-specified value up to 65K, this is relevant if the
library happens to be located in the last 65K of virtual memory.

This commit replaces the check by a safe version.
1 file changed
tree: 0f58d31319cf01f039f786eb1aa272341f959d8c
  1. configs/
  2. doxygen/
  3. include/
  4. library/
  5. programs/
  6. scripts/
  7. tests/
  8. visualc/
  9. .gitignore
  10. .travis.yml
  11. ChangeLog
  12. CMakeLists.txt
  13. DartConfiguration.tcl
  14. LICENSE
  15. Makefile
  16. README.rst