Avoid use of large stack buffers in mbedtls_x509_write_crt_pem()

This commit rewrites mbedtls_x509write_crt_pem() to not use
a statically sized stack buffer to temporarily store the DER
encoded form of the certificate to be written.

This is not necessary because the DER-to-PEM conversion
accepts overlapping input and output buffers.
Hanno Becker 2019-05-04 08:13:23 +01:00
parent 4063ad22b3
commit 67d42597a9


@ -527,18 +527,17 @@ int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt,
void *p_rng ) void *p_rng )
{ {
int ret; int ret;
unsigned char output_buf[4096]; size_t olen;
size_t olen = 0;
if( ( ret = mbedtls_x509write_crt_der( crt, output_buf, sizeof(output_buf), if( ( ret = mbedtls_x509write_crt_der( crt, buf, size,
f_rng, p_rng ) ) < 0 ) f_rng, p_rng ) ) < 0 )
{ {
return( ret ); return( ret );
} }
if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT, if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT,
output_buf + sizeof(output_buf) - ret, buf + size - ret, ret,
ret, buf, size, &olen ) ) != 0 ) buf, size, &olen ) ) != 0 )
{ {
return( ret ); return( ret );
} }
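Review bot: The new call to mbedtls_pem_write_buffer() passes an input pointer, `buf + size - ret`, that lies inside the output buffer `buf`, and nothing in the code records why that aliasing is safe. The commit message says the DER-to-PEM conversion accepts overlapping buffers, but that function is not visible in this hunk, so the guarantee is a contract the callee has to keep: it must finish reading the DER bytes before it writes any PEM output. I would add a comment above the call, for example `/* DER sits at the end of buf; mbedtls_pem_write_buffer() must consume it fully before writing to buf. */`, and state the same guarantee in that function's own documentation so a later change to it cannot silently corrupt certificates. On either error return the caller's buffer may now hold DER bytes, whereas the old code wrote them only to its local buffer, which is worth a line in the API documentation. The function starts and ends outside the hunk.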