diff options
author | Paul Bakker <p.j.bakker@polarssl.org> | 2013-12-19 14:42:28 +0100 |
---|---|---|
committer | Paul Bakker <p.j.bakker@polarssl.org> | 2013-12-30 15:00:51 +0100 |
commit | 956c9e063db14fa3f52f8fee2fb5e597c43742c4 (patch) | |
tree | 5ae428b6a903e1f0d148a10cd3abcfaa36704383 /ChangeLog | |
parent | f9c4953e39b869f673936d883d6bf2a8845c74c8 (diff) | |
download | mbedtls-956c9e063db14fa3f52f8fee2fb5e597c43742c4.zip mbedtls-956c9e063db14fa3f52f8fee2fb5e597c43742c4.tar.gz mbedtls-956c9e063db14fa3f52f8fee2fb5e597c43742c4.tar.bz2 |
Reduced the input / output overhead with 200+ bytes and covered corner
case
The actual input / output buffer overhead is only 301 instead of 512.
This requires a proper check on the padding_idx to prevent out of bounds
reads.
Previously a remote party could potentially trigger an access error and
thus stop the application when sending a malicious packet having
MAX_CONTENT_LEN of data, 32 bytes of MAC and a decrypted padlen of .
This would result in reading from in_ctr + 13 + 32 + MAX_CONTENT_LEN - 1 - 1
for 256 bytes (including fake padding check). Or 13 + 32 bytes over the
buffer length.
We now reset padding_idx to 0, if it's clear that it will never be a
valid padding (padlen > msg_len || msg_len + padlen + 256 > buffer_len)
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -30,6 +30,10 @@ Bugfix * Memory leak in benchmark application * Fixed x509_crt_parse_path() bug on Windows platforms +Security + * Possible remotely-triggered out-of-bounds memory access fixed (found by + TrustInSoft) + = PolarSSL 1.3.2 released on 2013-11-04 Features * PK tests added to test framework |