diff options
author | RĂ©mi Verschelde <rverschelde@gmail.com> | 2020-07-02 22:21:46 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-02 22:21:46 +0200 |
commit | 661f8ee780927779b133fa3da8ed4a83bef5b44b (patch) | |
tree | 0a2f98672834d95dcc980dbce820b65ee0779baf /thirdparty/mbedtls/library/x509_crt.c | |
parent | 67e4082b1e73f3cbe518c499eb328b0f68f3419b (diff) | |
parent | 8ddf9fe4b031ff93892f99ec1c6cfceb3d0f951f (diff) |
Merge pull request #40057 from Faless/mbedtls/2.16.7
Update to mbedtls 2.16.7
Diffstat (limited to 'thirdparty/mbedtls/library/x509_crt.c')
-rw-r--r-- | thirdparty/mbedtls/library/x509_crt.c | 35 |
1 files changed, 34 insertions, 1 deletions
diff --git a/thirdparty/mbedtls/library/x509_crt.c b/thirdparty/mbedtls/library/x509_crt.c index a3697f13f9..7d01585472 100644 --- a/thirdparty/mbedtls/library/x509_crt.c +++ b/thirdparty/mbedtls/library/x509_crt.c @@ -2,7 +2,13 @@ * X.509 certificate parsing and verification * * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved - * SPDX-License-Identifier: Apache-2.0 + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + * + * This file is provided under the Apache License 2.0, or the + * GNU General Public License v2.0 or later. + * + * ********** + * Apache License 2.0: * * Licensed under the Apache License, Version 2.0 (the "License"); you may * not use this file except in compliance with the License. @@ -16,6 +22,27 @@ * See the License for the specific language governing permissions and * limitations under the License. * + * ********** + * + * ********** + * GNU General Public License v2.0 or later: + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * ********** + * * This file is part of mbed TLS (https://tls.mbed.org) */ /* @@ -527,6 +554,12 @@ static int x509_get_basic_constraints( unsigned char **p, return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); + /* Do not accept max_pathlen equal to INT_MAX to avoid a signed integer + * overflow, which is an undefined behavior. */ + if( *max_pathlen == INT_MAX ) + return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + + MBEDTLS_ERR_ASN1_INVALID_LENGTH ); + (*max_pathlen)++; return( 0 ); |