niklas/cyclonedds
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
cyclonedds/src/security
History
Erik Boasson fa7999c5d8 Vet lengths of property lists in crypto deserialization 
The memory allocation in deserializing property lists within the crypto
code should not trust the deserialized length and try to allocate that
much memory but should first verify that the length is consistent with
the number of bytes remaining in the input.  (Noted by Coverity as use
of tainted data.)

Signed-off-by: Erik Boasson <eb@ilities.com>
2020-05-16 11:38:05 +02:00
..
api Access control tests 2020-04-22 17:41:27 +02:00
builtin_plugins Fix double free if local identity validation fails on certificate expiry 2020-05-16 11:38:05 +02:00
core Vet lengths of property lists in crypto deserialization 2020-05-16 11:38:05 +02:00
CMakeLists.txt Refactored tests for security core: introduced generic wrappers for security plugins and 2020-03-05 15:25:16 +01:00