Searched hist:a987b89dab15ab7e79063aa085e696dcdb6feffe (Results 1 – 1 of 1) sorted by relevance
| /rk3399_ARM-atf/drivers/auth/mbedtls/ |
| H A D | mbedtls_x509_parser.c | a987b89dab15ab7e79063aa085e696dcdb6feffe Sat Jan 28 20:15:37 UTC 2023 Demi Marie Obenour <demiobenour@gmail.com> refactor(auth): use a single function for parsing extensions
Previously, extensions were parsed twice: once with error checking for
validation, and a second time without error checking to extract the
extension data. This is error prone and caused TFV-10 (CVE-2022-47630).
A simpler approach is to have get_ext() be responsible for all extension
parsing, and to treat a NULL OID as an indicator that get_ext() is only
being called for validation. cert_parse() checks that get_ext() returns
IMG_PARSER_OK and fails otherwise.
Change-Id: I65a2ff053a188351ba54799827a2b7bd833bb037
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
|