eden-emu/mbedtls
19
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Remove Extraneous bytes from buffer post pem write

Browse source 
In order to remove large buffers from the stack, the der data is written
into the same buffer that the pem is eventually written into, however
although the pem data is zero terminated, there is now data left in the
buffer after the zero termination, which can cause
mbedtls_x509_crt_parse to fail to parse the same buffer if passed back
in. Patches also applied to mbedtls_pk_write_pubkey_pem, and
mbedtls_pk_write_key_pem, which use similar methods of writing der data
to the same buffer, and tests modified to hopefully catch any future
regression on this.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott 2020-11-19 09:46:56 +00:00
parent 54a6f23393
commit 557b8d663a
4 changed files with 42 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

15
tests/suites/test_suite_x509write.function
View file

@ -104,7 +104,7 @@ void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type,
unsigned char buf[4096];
unsigned char check_buf[4000];
int ret;
size_t olen = 0, pem_len = 0;
size_t olen = 0, pem_len = 0, buf_index;
int der_len = -1;
FILE *f;
const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
@ -130,6 +130,11 @@ void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type,
pem_len = strlen( (char *) buf );
for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
{
TEST_ASSERT( buf[buf_index] == 0 );
}
f = fopen( cert_req_check_file, "r" );
TEST_ASSERT( f != NULL );
olen = fread( check_buf, 1, sizeof( check_buf ), f );
@ -224,7 +229,7 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
unsigned char check_buf[5000];
mbedtls_mpi serial;
int ret;
size_t olen = 0, pem_len = 0;
size_t olen = 0, pem_len = 0, buf_index = 0;
int der_len = -1;
FILE *f;
mbedtls_test_rnd_pseudo_info rnd_info;
@ -293,6 +298,12 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
pem_len = strlen( (char *) buf );
// check that the rest of the buffer remains clear
for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
{
TEST_ASSERT( buf[buf_index] == 0 );
}
f = fopen( cert_check_file, "r" );
TEST_ASSERT( f != NULL );
olen = fread( check_buf, 1, sizeof( check_buf ), f );