Merge remote-tracking branch 'origin/pr/2719' into development

* origin/pr/2719:
  Deref pointer when using sizeof in x509_get_other_name
Jaeden Amero 2019-07-09 13:54:43 +01:00
commit 150d7749ea
2 changed files with 4 additions and 3 deletions


@ -78,6 +78,7 @@ Bugfix
* Avoid use of statically sized stack buffers for certificate writing. * Avoid use of statically sized stack buffers for certificate writing.
This previously limited the maximum size of DER encoded certificates This previously limited the maximum size of DER encoded certificates
in mbedtls_x509write_crt_der() to 2Kb. Reported by soccerGB in #2631. in mbedtls_x509write_crt_der() to 2Kb. Reported by soccerGB in #2631.
* Fix partial zeroing in x509_get_other_name. Found and fixed by ekse, #2716.
API Changes API Changes
* Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes, * Extend the MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,


@ -1687,7 +1687,7 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name,
if( p + len >= end ) if( p + len >= end )
{ {
mbedtls_platform_zeroize( other_name, sizeof( other_name ) ); mbedtls_platform_zeroize( other_name, sizeof( *other_name ) );
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
} }
@ -1709,7 +1709,7 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name,
if( p + len >= end ) if( p + len >= end )
{ {
mbedtls_platform_zeroize( other_name, sizeof( other_name ) ); mbedtls_platform_zeroize( other_name, sizeof( *other_name ) );
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
} }
@ -1725,7 +1725,7 @@ static int x509_get_other_name( const mbedtls_x509_buf *subject_alt_name,
if( p != end ) if( p != end )
{ {
mbedtls_platform_zeroize( other_name, mbedtls_platform_zeroize( other_name,
sizeof( other_name ) ); sizeof( *other_name ) );
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
} }
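Review bot: The `mbedtls_platform_zeroize( other_name, sizeof( *other_name ) )` call followed by the same return is repeated on three error paths (the two `p + len >= end` checks and the final `p != end` check), so the size expression has to be kept correct in three places; routing these exits through one cleanup label would leave a single zeroize call to audit. Separately, both `p + len >= end` guards form the pointer sum before comparing; the hunks do not show where `len` is set, so if it is not already bounded by the remaining buffer, `if( len >= (size_t)( end - p ) )` avoids computing a pointer past the buffer. The commit changes only the changelog and this file, so nothing shown here tests that the whole structure is cleared on these length-mismatch paths. x509_get_other_name begins and ends outside the hunks, so its success path and other exits are not visible.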