
mbedtls: Update to upstream 3.6.2

Rémi Verschelde 8 months ago
parent
commit
56922db85b

+ 1 - 1
thirdparty/README.md

@@ -561,7 +561,7 @@ File extracted from upstream source:
 ## mbedtls
 
 - Upstream: https://github.com/Mbed-TLS/mbedtls
-- Version: 3.6.1 (71c569d44bf3a8bd53d874c81ee8ac644dd6e9e3, 2024)
+- Version: 3.6.2 (107ea89daaefb9867ea9121002fbbdf926780e98, 2024)
 - License: Apache 2.0
 
 File extracted from upstream release tarball:

+ 4 - 4
thirdparty/mbedtls/include/mbedtls/build_info.h

@@ -26,16 +26,16 @@
  */
 #define MBEDTLS_VERSION_MAJOR  3
 #define MBEDTLS_VERSION_MINOR  6
-#define MBEDTLS_VERSION_PATCH  1
+#define MBEDTLS_VERSION_PATCH  2
 
 /**
  * The single version number has the following structure:
  *    MMNNPP00
  *    Major version | Minor version | Patch version
  */
-#define MBEDTLS_VERSION_NUMBER         0x03060100
-#define MBEDTLS_VERSION_STRING         "3.6.1"
-#define MBEDTLS_VERSION_STRING_FULL    "Mbed TLS 3.6.1"
+#define MBEDTLS_VERSION_NUMBER         0x03060200
+#define MBEDTLS_VERSION_STRING         "3.6.2"
+#define MBEDTLS_VERSION_STRING_FULL    "Mbed TLS 3.6.2"
 
 /* Macros for build-time platform detection */
 

+ 11 - 3
thirdparty/mbedtls/library/pkwrite.c

@@ -65,17 +65,21 @@ static int pk_write_rsa_der(unsigned char **p, unsigned char *buf,
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
         uint8_t tmp[PSA_EXPORT_KEY_PAIR_MAX_SIZE];
-        size_t len = 0, tmp_len = 0;
+        size_t tmp_len = 0;
 
         if (psa_export_key(pk->priv_id, tmp, sizeof(tmp), &tmp_len) != PSA_SUCCESS) {
             return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
         }
+        /* Ensure there's enough space in the provided buffer before copying data into it. */
+        if (tmp_len > (size_t) (*p - buf)) {
+            mbedtls_platform_zeroize(tmp, sizeof(tmp));
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
         *p -= tmp_len;
         memcpy(*p, tmp, tmp_len);
-        len += tmp_len;
         mbedtls_platform_zeroize(tmp, sizeof(tmp));
 
-        return (int) len;
+        return (int) tmp_len;
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
     return mbedtls_rsa_write_key(mbedtls_pk_rsa(*pk), buf, p);
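Review bot: The added bounds check `if (tmp_len > (size_t) (*p - buf))` in pk_write_rsa_der is only sound while `*p >= buf`; if `*p` were ever below `buf`, the negative difference would convert to a very large `size_t`, the check would pass, and the `memcpy` would still write before the start of the buffer. I would state the precondition in the condition itself, `if (*p < buf || tmp_len > (size_t) (*p - buf)) {`, and do the same for `len > (size_t) (*p - start)` in the pk_write_ec_pubkey hunk below. Both function bodies start outside their hunks and the callers are not visible here, so the invariant may already be guaranteed; in that case a one-line comment saying that `*p` must point inside the output buffer would be enough. As the file sits under `thirdparty/mbedtls`, the change would belong upstream rather than in this tree.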
@@ -125,6 +129,10 @@ static int pk_write_ec_pubkey(unsigned char **p, unsigned char *start,
         if (psa_export_public_key(pk->priv_id, buf, sizeof(buf), &len) != PSA_SUCCESS) {
             return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
         }
+        /* Ensure there's enough space in the provided buffer before copying data into it. */
+        if (len > (size_t) (*p - start)) {
+            return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL;
+        }
         *p -= len;
         memcpy(*p, buf, len);
         return (int) len;