Fix integer overflow in mbedtls_base64_decode() Fix potential integer overflows in the function mbedtls_base64_decode(). This overflow would mainly be exploitable in 32-bit systems and could cause buffer bound checks to be bypassed.

commit: 59abd301f53d295c9a831fdcf9f97ef2878df72a [log] [tgz]
author: Andres AG <andres.amayagarcia@arm.com> Wed Jan 18 17:21:03 2017 +0000
committer: Simon Butcher <simon.butcher@arm.com> Sat Feb 25 21:27:17 2017 +0000
tree: 14bf6da8b1d9cf22d603640d6d63ef33b424a8f7
parent: 74ef65077202543b06f1d310d2db3fb69facc0d7 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 6f5d24b..d8b1061 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -22,6 +22,8 @@
      cause buffer bound checks to be bypassed. Found by Eyal Itkin.
    * Fixed potential arithmetic overflow in mbedtls_md2_update() that could
      cause buffer bound checks to be bypassed. Found by Eyal Itkin.
+   * Fixed potential arithmetic overflow in mbedtls_base64_decode() that could
+     cause buffer bound checks to be bypassed. Found by Eyal Itkin.
 
 = mbed TLS 1.3.18 branch 2016-10-17
commit	59abd301f53d295c9a831fdcf9f97ef2878df72a	[log] [tgz]
author	Andres AG <andres.amayagarcia@arm.com>	Wed Jan 18 17:21:03 2017 +0000
committer	Simon Butcher <simon.butcher@arm.com>	Sat Feb 25 21:27:17 2017 +0000
tree	14bf6da8b1d9cf22d603640d6d63ef33b424a8f7
parent	74ef65077202543b06f1d310d2db3fb69facc0d7 [diff] [blame]