[Backport 2.28] Fix segfault in mbedtls_oid_get_numeric_string #7295

Merged
merged 1 commit into from
Mar 16, 2023

@DemiMarie DemiMarie commented Mar 15, 2023

Description

Trivial backport of #7270.

@minosgalanakis minosgalanakis added bug needs-review Every commit must be reviewed by at least two team members, needs-ci Needs to pass CI tests needs-preceding-pr Requires another PR to be merged first needs-reviewer This PR needs someone to pick it up for review priority-very-high Highest priority - prioritise this over other review work labels Mar 15, 2023
@davidhorstmann-arm davidhorstmann-arm changed the title Fix segfault in mbedtls_oid_get_numeric_string [Backport 2.28] Fix segfault in mbedtls_oid_get_numeric_string Mar 15, 2023
When passed an empty OID, mbedtls_oid_get_numeric_string would read one
byte from the zero-sized buffer and return an error code that depends on
its value.  This is demonstrated by the test suite changes, which
check that an OID with length zero and an invalid buffer pointer does
not cause Mbed TLS to segfault.

Also check that second and subsequent subidentifiers are terminated, and
add a test case for that.  Furthermore, stop relying on integer division
by 40, use the same loop for both the first and subsequent
subidentifiers, and add additional tests.

Signed-off-by: Demi Marie Obenour <[email protected]>
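
The checks the commit message describes, written out as an added example; this is not the Mbed TLS code and not part of this pull request. It rejects a zero-length OID before any read, rejects an unterminated final subidentifier, and uses one loop for all subidentifiers with the first one split by comparison instead of division by 40. The name `oid_to_string`, the error codes and the 32-bit overflow guard are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed error codes for this example, not Mbed TLS's. */
#define OID_ERR_INVALID   (-1)
#define OID_ERR_BUF_SMALL (-2)

/* Decode the content bytes of a DER OID into dotted form in out.
 * Returns the string length, or a negative error code. */
int oid_to_string(const unsigned char *oid, size_t len,
                  char *out, size_t out_size)
{
    uint32_t value = 0;
    size_t used = 0;
    int first = 1;

    if (len == 0)                     /* empty OID: reject before reading oid[] */
        return OID_ERR_INVALID;
    if (oid[len - 1] & 0x80)          /* last subidentifier never terminates */
        return OID_ERR_INVALID;

    for (size_t i = 0; i < len; i++) {
        if (value > (UINT32_MAX >> 7))  /* next shift would overflow */
            return OID_ERR_INVALID;
        value = (value << 7) | (oid[i] & 0x7F);
        if (oid[i] & 0x80)              /* continuation bit: more bytes follow */
            continue;

        int n;
        if (first) {
            /* First subidentifier is 40*X + Y; split by comparison. */
            unsigned arc1 = value < 40 ? 0 : value < 80 ? 1 : 2;
            n = snprintf(out + used, out_size - used, "%u.%lu",
                         arc1, (unsigned long) (value - 40 * arc1));
            first = 0;
        } else {
            n = snprintf(out + used, out_size - used, ".%lu",
                         (unsigned long) value);
        }
        if (n < 0 || (size_t) n >= out_size - used)
            return OID_ERR_BUF_SMALL;
        used += (size_t) n;
        value = 0;
    }
    return (int) used;
}
```
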

@davidhorstmann-arm davidhorstmann-arm left a comment

Faithful backport

@davidhorstmann-arm davidhorstmann-arm added single-reviewer This PR qualifies for having only one reviewer approved Design and code approved - may be waiting for CI or backports and removed needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review labels Mar 16, 2023
@daverodgman daverodgman removed the needs-ci Needs to pass CI tests label Mar 16, 2023
@daverodgman daverodgman merged commit 4a1de0f into Mbed-TLS:mbedtls-2.28 Mar 16, 2023
@DemiMarie DemiMarie deleted the oid-fix-2.28 branch March 16, 2023 15:53
Labels
approved Design and code approved - may be waiting for CI or backports bug needs-preceding-pr Requires another PR to be merged first priority-very-high Highest priority - prioritise this over other review work single-reviewer This PR qualifies for having only one reviewer