forked from Mbed-TLS/mbedtls
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix stack buffer overflow in net functions with large file descriptor
Fix a stack buffer overflow with mbedtls_net_recv_timeout() when given a file descriptor that is beyond FD_SETSIZE. The bug was due to not checking that the file descriptor is within the range of an fd_set object. Fix Mbed-TLS#4169 Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
- Loading branch information
1 parent
9c1ae18
commit e5df22e
Showing
2 changed files
with
10 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
Security | ||
* Fix a stack buffer overflow with mbedtls_net_recv_timeout() when given a | ||
file descriptor that is beyond FD_SETSIZE. Reported by FigBug in #4169. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters