yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
mbedtls/library
History
Hanno Becker d4d60579e4 Address issues found by coverity 
1) `mbedtls_rsa_import_raw` used an uninitialized return
   value when it was called without any input parameters.
   While not sensible, this is allowed and should be a
   succeeding no-op.

2) The MPI test for prime generation missed a return value
   check for a call to `mbedtls_mpi_shift_r`. This is neither
   critical nor new but should be fixed.

3) Both the RSA keygeneration example program and the
   RSA test suites contained code initializing an RSA context
   after a potentially failing call to CTR DRBG initialization,
   leaving the corresponding RSA context free call in the
   cleanup section of the respective function orphaned.
   While this defect existed before, Coverity picked up on
   it again because of newly introduced MPI's that were
   also wrongly initialized only after the call to CTR DRBG
   init. The commit fixes both the old and the new issue
   by moving the initializtion of both the RSA context and
   all MPI's prior to the first potentially failing call.
2018-01-10 07:30:47 +00:00
..
.gitignore Split libs with make + general make cleanups 2015-06-25 10:59:56 +02:00
aes.c Merge remote-tracking branch 'upstream-public/pr/964' into development 2018-01-02 16:24:29 +01:00
aesni.c Fix build errors on x32 by using the generic 'add' instruction 2016-05-23 14:29:28 +01:00
arc4.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
asn1parse.c Fix 1 byte overread in mbedtls_asn1_get_int() 2016-10-13 13:54:14 +01:00
asn1write.c Add mbedtls_asn1_write_len() support for 3 and 4 byte lengths 2016-08-25 15:42:27 +01:00
base64.c Add comment to integer overflow fix in base64.c 2017-02-15 23:31:07 +02:00
bignum.c Merge remote-tracking branch 'hanno/mpi_read_file_underflow' into development 2017-06-08 19:48:03 +02:00
blowfish.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
camellia.c Address user reported coverity issues. 2016-06-07 14:52:35 +01:00
ccm.c Allow alternate core implementation of CCM 2017-04-04 11:37:15 +02:00
certs.c Undo API change from SHA1 deprecation 2017-07-27 21:44:33 +01:00
cipher.c Fix integer overflows in buffer bound checks 2017-02-15 23:31:07 +02:00
cipher_wrap.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
cmac.c Merge remote-tracking branch 'upstream-public/pr/866' into development 2018-01-02 15:55:55 +01:00
CMakeLists.txt Merge branch 'development' into iotssl-1619 2017-12-22 10:24:32 +00:00
ctr_drbg.c Fix integer overflows in buffer bound checks 2017-02-15 23:31:07 +02:00
debug.c Fix compiler warning in debug.c 2017-02-15 09:08:26 +00:00
des.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
dhm.c Check return code of mbedtls_mpi_fill_random 2017-07-27 21:44:33 +01:00
ecdh.c Address PR cpomments reviews 2017-10-10 19:04:27 +03:00
ecdsa.c Merge remote-tracking branch 'upstream-public/pr/1027' into development 2018-01-09 10:42:03 +00:00
ecjpake.c Fix potential stack buffer overflow in ecjpake 2015-10-20 16:20:56 +02:00
ecp.c Check return code of mbedtls_mpi_fill_random 2017-07-27 21:44:33 +01:00
ecp_curves.c ECP: Add module and function level replacement options. 2017-05-11 22:42:14 +01:00
entropy.c Merge branch 'pr_1025' into development 2017-11-28 18:23:53 +01:00
entropy_poll.c Renames null entropy source function for clarity 2016-06-12 00:31:33 +01:00
error.c Merge remote-tracking branch 'upstream-public/pr/964' into development 2018-01-02 16:24:29 +01:00
gcm.c Merge remote-tracking branch 'upstream-public/pr/964' into development 2018-01-02 16:24:29 +01:00
havege.c Fixes warnings found by Clang static analyser 2016-05-23 23:18:26 +01:00
hmac_drbg.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
Makefile Introduce new files rsa_internal.[ch] for RSA helper functions 2017-10-11 11:00:19 +01:00
md.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
md2.c Fix integer overflows in buffer bound checks 2017-02-15 23:31:07 +02:00
md4.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
md5.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
md_wrap.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
memory_buffer_alloc.c Fixes memory leak in memory_buffer_alloc.c debug 2016-05-23 14:29:29 +01:00
net_sockets.c Merge remote-tracking branch 'upstream-public/pr/895' into development 2017-11-29 20:49:21 +01:00
oid.c Removing in compile time unused entries from oid_ecp_grp list 2016-09-04 15:14:38 +01:00
padlock.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pem.c Add missing ret code checks in PEM module 2017-05-30 16:40:36 +01:00
pk.c Change PK module preprocessor check on word size 2017-08-04 13:32:15 +01:00
pk_wrap.c Merge branch 'development' into iotssl-1619 2017-12-22 10:24:32 +00:00
pkcs5.c Fix output of PKCS#5 and RIPEMD-160 self tests 2016-08-25 16:36:35 +01:00
pkcs11.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
pkcs12.c Shut up a few clang-analyze warnings about use of uninitialized variables 2016-05-23 14:29:28 +01:00
pkparse.c Preserve old behavior by checking public key in RSA parsing function 2018-01-05 08:08:09 +00:00
pkwrite.c Adapt PK test suite to use new interface 2017-08-23 16:17:27 +01:00
platform.c Rename macro SETUP_ALT to SETUP_TEARDOWN_ALT 2017-07-27 21:44:33 +01:00
ripemd160.c Fix output of PKCS#5 and RIPEMD-160 self tests 2016-08-25 16:36:35 +01:00
rsa.c Address issues found by coverity 2018-01-10 07:30:47 +00:00
rsa_internal.c Add explicit type cast to avoid truncation warning 2018-01-03 09:27:40 +00:00
sha1.c Adds casts to zeroize functions to allow building as C++ 2016-05-23 14:29:32 +01:00
sha256.c Use allocated memory for SHA self tests 2016-10-13 15:10:14 +01:00
sha512.c Use allocated memory for SHA self tests 2016-10-13 15:10:14 +01:00
ssl_cache.c Address PR review comments 2017-10-29 17:53:52 +02:00
ssl_ciphersuites.c Undo API change 2017-07-27 21:44:33 +01:00
ssl_cli.c Merge remote-tracking branch 'upstream-public/pr/1141' into development 2017-11-29 20:50:59 +01:00
ssl_cookie.c Fix resource leak when using mutex and ssl_cookie 2017-03-02 12:26:11 +00:00
ssl_srv.c Parse Signature Algorithm ext when renegotiating 2017-10-12 23:21:37 +01:00
ssl_ticket.c Puts platform time abstraction into its own header 2016-07-13 14:46:18 +01:00
ssl_tls.c Merge remote-tracking branch 'upstream-public/pr/1141' into development 2017-11-29 20:50:59 +01:00
threading.c Remove mutexes from ECP hardware acceleration 2017-07-27 21:44:32 +01:00
timing.c Timing self test: shorten redundant tests 2017-12-20 22:31:17 +01:00
version.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00
version_features.c Merge remote-tracking branch 'upstream-public/pr/1060' into development 2018-01-09 12:20:54 +00:00
x509.c Correctly handle leap year in x509_date_is_valid() 2017-10-12 23:21:37 +01:00
x509_create.c Fix other occurrences of same bounds check issue 2015-10-21 12:50:45 +02:00
x509_crl.c Fix potential integer overflow parsing DER CRL 2017-07-27 21:44:34 +01:00
x509_crt.c Fix potential integer overflow parsing DER CRT 2017-07-27 21:44:34 +01:00
x509_csr.c Prevent signed integer overflow in CSR parsing 2017-07-27 21:44:34 +01:00
x509write_crt.c Clarify code-paths in x509write_csr and x509write_crt 2017-09-22 16:05:43 +01:00
x509write_csr.c Clarify code-paths in x509write_csr and x509write_crt 2017-09-22 16:05:43 +01:00
xtea.c Change main license to Apache 2.0 2015-09-04 14:21:07 +02:00