Google Git
Sign in
pigweed/third_party/github/ARMmbed/mbedtls/1630058dde922e0cfae7e0ab41c8409448c718a8^!/./ChangeLog
commit
1630058dde922e0cfae7e0ab41c8409448c718a8
[log]
author
Paul Bakker <p.j.bakker@polarssl.org>
Fri Apr 11 13:28:43 2014 +0200
committer
Paul Bakker <p.j.bakker@polarssl.org>
Fri Apr 11 13:58:05 2014 +0200
tree
504504acbbacc30bac82d62c242b55b33b207ef3
parent
d6ad8e949b3dce716601ea269e095db1b617533a [diff] [blame]
Potential buffer overwrite in pem_write_buffer() fixed

Length indication when given a too small buffer was off.
Added regression test in test_suite_pem to detect this.

diff --git a/ChangeLog b/ChangeLog
index 381988a..a8db52b 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -42,6 +42,8 @@
    * dhm_parse_dhm() (hence dhm_parse_dhmfile()) did not set dhm->len.
    * Calling pk_debug() on an RSA-alt key would segfault.
    * pk_get_size() and pk_get_len() were off by a factor 8 for RSA-alt keys.
+   * Potential buffer overwrite in pem_write_buffer() because of low length
+     indication (found by Thijs Alkemade)
 
 = PolarSSL 1.3.5 released on 2014-03-26
 Features