mbedtls

History

Gilles Peskine 6d576c9646 Call setbuf when reading or writing files: programs After opening a file containing sensitive data, call mbedtls_setbuf() to disable buffering. This way, we don't expose sensitive data to a memory disclosure vulnerability in a buffer outside our control. This commit adds a call to mbedtls_setbuf() after each call to fopen(), but only in sample programs that were calling mbedtls_platform_zeroize(). Don't bother protecting stdio buffers in programs where application buffers weren't protected. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>		2022-06-30 17:06:11 +02:00
..
CMakeLists.txt	Rename DEV_MODE to GEN_FILES	2021-10-25 13:16:04 +01:00
dtls_client.c	Replace all inclusions of config.h	2021-06-28 09:24:07 +01:00
dtls_server.c	Allow read-only access to lists of certificates, CRL, CRL entries	2021-08-31 23:18:07 +02:00
mini_client.c	mbedtls_net_context: make fd public on Unix/POSIX platforms	2021-08-31 22:54:27 +02:00
ssl_client1.c	Replace all inclusions of config.h	2021-06-28 09:24:07 +01:00
ssl_client2.c	Further code optimization	2022-05-06 09:34:30 +02:00
ssl_context_info.c	Refactor ssl_context_info time printing	2022-03-04 05:07:45 -05:00
ssl_fork_server.c	Allow read-only access to lists of certificates, CRL, CRL entries	2021-08-31 23:18:07 +02:00
ssl_mail_client.c	Rename config.h to mbedtls_config.h	2021-06-28 09:28:33 +01:00
ssl_pthread_server.c	Replace all inclusions of config.h	2021-06-28 09:24:07 +01:00
ssl_server.c	Allow read-only access to lists of certificates, CRL, CRL entries	2021-08-31 23:18:07 +02:00
ssl_server2.c	Further code optimization	2022-05-06 09:34:30 +02:00
ssl_test_common_source.c	Call setbuf when reading or writing files: programs	2022-06-30 17:06:11 +02:00
ssl_test_lib.c	Further code optimization	2022-05-06 09:34:30 +02:00
ssl_test_lib.h	Call setbuf when reading or writing files: programs	2022-06-30 17:06:11 +02:00