Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unneeded check in ssl_write_certificate_request #2916

Closed
irwir opened this issue Nov 4, 2019 · 0 comments · Fixed by #3150
Closed

Unneeded check in ssl_write_certificate_request #2916

irwir opened this issue Nov 4, 2019 · 0 comments · Fixed by #3150
Labels
enhancement help-wanted This issue is not being actively worked on, but PRs welcome.

Comments

@irwir
Copy link
Contributor

irwir commented Nov 4, 2019

https://github.com/ARMmbed/mbedtls/blob/7b6d8c27c8fcff9baf39792ff2c44faa87660b97/library/ssl_srv.c#L2972-L2974

The second check is pointless, It should be

if( end < p || (size_t)( end - p ) < 2 + dn_size )
@Patater Patater added help-wanted This issue is not being actively worked on, but PRs welcome. enhancement labels Dec 19, 2019
irwir added a commit to irwir/mbedtls that referenced this issue Apr 1, 2020
@irwir
Resolves Mbed-TLS#2916
32d1a9d 
It is sufficient to check for the strongest limit only.
@irwir irwir mentioned this issue Apr 1, 2020
Merged
irwir added a commit to irwir/mbedtls that referenced this issue Apr 1, 2020
@irwir
Resolve Mbed-TLS#2916
32ad222 
It is sufficient to check for the strongest limit only.

Signed-off-by: irwir <irwir@users.noreply.github.com>
irwir added a commit to irwir/mbedtls that referenced this issue Apr 6, 2020
@irwir
Resolve Mbed-TLS#2916
852394f 
It is sufficient to check for the strongest limit only.

Signed-off-by: irwir <irwir@users.noreply.github.com>
irwir added a commit to irwir/mbedtls that referenced this issue Apr 6, 2020
@irwir
Simplify bounds check in ssl_write_certificate_request
95b94d0 
It is sufficient to check for the strongest limit only. Using a smaller
type ensures there is no overflow (assuming size_t is at least 32 bits).

Fixes Mbed-TLS#2916

Signed-off-by: irwir <irwir@users.noreply.github.com>
irwir added a commit to irwir/mbedtls that referenced this issue Apr 21, 2020
@irwir
Simplify bounds check in ssl_write_certificate_request
c9bc300 
It is sufficient to check for the strongest limit only. Using a smaller
type ensures there is no overflow (assuming size_t is at least 32 bits).

Fixes Mbed-TLS#2916

Signed-off-by: irwir <irwir@users.noreply.github.com>
@mpg mpg closed this as completed in #3150 Apr 22, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement help-wanted This issue is not being actively worked on, but PRs welcome.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Simplify checks in ssl_write_certificate_request irwir/mbedtls
2 participants
@Patater @irwir