593e8b27937c266a38aa8f1eca1dd237d7b63a9d - mirror/mbed-tls.git

commit	593e8b27937c266a38aa8f1eca1dd237d7b63a9d	[log] [tgz]
author	Andres Amaya Garcia <Andres.AmayaGarcia@arm.com>	Wed Jan 18 13:56:58 2017 +0000
committer	Andres Amaya Garcia <Andres.AmayaGarcia@arm.com>	Wed Jan 18 13:56:58 2017 +0000
tree	d8d8a0d9580eca10e0b40265dddc66faab2efc56
parent	c1d54bb7b2a80d0f153fd92a13e1b901778f17d3 [diff]

Fix integer overflows in buffer bound checks

Fix potential integer overflows in the following functions:
  * mbedtls_md2_update() to be bypassed and cause
  * mbedtls_cipher_update()
  * mbedtls_ctr_drbg_reseed()
This overflows would mainly be exploitable in 32-bit systems and could
cause buffer bound checks to be bypassed.

ChangeLog[diff]
library/cipher.c[diff]
library/ctr_drbg.c[diff]
library/md2.c[diff]

4 files changed

tree: d8d8a0d9580eca10e0b40265dddc66faab2efc56

configs/
doxygen/
include/
library/
programs/
scripts/
tests/
visualc/
.gitignore
.travis.yml
ChangeLog
CMakeLists.txt
DartConfiguration.tcl
LICENSE
Makefile
README.rst