eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add missing bounds check in X509 DER write funcs

Browse source 
This patch adds checks in both mbedtls_x509write_crt_der and
mbedtls_x509write_csr_der before the signature is written to buf
using memcpy().
This commit is contained in:
Andres AG 2016-09-02 15:23:48 +01:00 committed by Simon Butcher
parent e3d882ad4a
commit 60dbc93831
3 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
library/x509write_crt.c
View file

@ -413,6 +413,9 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf,
MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf,
sig_oid, sig_oid_len, sig, sig_len ) );
if( len > (size_t)( c2 - buf ) )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
c2 -= len;
memcpy( c2, c, len );