MicrochipTech / cryptoauth_trustplatform_designsuite

The Trust Platform for CryptoAuthentication™ is a combination of multiple elements to simplify the addition of security to any embedded design. This platform includes hardware prototyping tools along with a unique design suite to accelerate the prototyping of the most common use cases.

Buffer overflow in config_print_public_key() #3

Closed kilzerk closed 3 years ago

kilzerk commented 4 years ago

Off-by-one pointer dereference writes null past the end of the buffer. Should be applied in line#249 as well.

From v1.3.2 config.c...

238 uint8_t buf[128];
239 uint8_t * tmp;
240 size_t buf_len = sizeof(buf);
...
249 tmp = buf + sizeof(buf) - ATCA_PUB_KEY_SIZE - sizeof(public_key_x509_header);
...
272 buf[buf_len] = 0;
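
The terminator write described in the report above, shown beside a bounded form, as an added example that is not code from the issue or from the repository. `fill_output`, `terminate_unchecked`, `terminate_checked` and `guard_intact` are hypothetical names, and the sketch assumes `buf_len` can equal `sizeof(buf)` when the terminator is written, since the lines between 240 and 272 are elided on the page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 128  /* same size as buf[] in the excerpt */
#define GUARD 0xA5    /* constructed marker for the byte just past the buffer */

/* Hypothetical stand-in for the elided lines: *len is capacity in, bytes written out. */
static int fill_output(uint8_t *out, size_t *len, size_t produced)
{
    if (produced > *len) return -1;
    memset(out, 'A', produced);
    *len = produced;
    return 0;
}

/* Pattern from the report: terminator stored at buf[buf_len], no bound check. */
static void terminate_unchecked(uint8_t *buf, size_t cap, size_t produced)
{
    size_t buf_len = cap;
    fill_output(buf, &buf_len, produced);
    buf[buf_len] = 0;  /* index == cap when the output fills the buffer */
}

/* Hardened form: offer the producer cap - 1 bytes so the terminator always fits. */
static int terminate_checked(uint8_t *buf, size_t cap, size_t produced)
{
    size_t buf_len = cap ? cap - 1 : 0;
    if (cap == 0 || fill_output(buf, &buf_len, produced) != 0) return -1;
    buf[buf_len] = 0;  /* buf_len <= cap - 1 */
    return 0;
}

/* 128-byte buffer backed by 129 bytes; returns 1 if the guard at index 128 survives. */
static int guard_intact(int checked, size_t produced)
{
    uint8_t mem[BUF_SIZE + 1];
    memset(mem, GUARD, sizeof(mem));
    if (checked) terminate_checked(mem, BUF_SIZE, produced);
    else terminate_unchecked(mem, BUF_SIZE, produced);
    return mem[BUF_SIZE] == GUARD;
}

int main(void)
{
    printf("full buffer: unchecked guard intact=%d, checked guard intact=%d\n",
           guard_intact(0, BUF_SIZE), guard_intact(1, BUF_SIZE));
    return 0;
}
```

The guard byte stands in for whatever the compiler places after `buf` on the stack; the extra byte of backing storage keeps the demonstration itself within defined behaviour.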

KalyanCManukonda commented 3 years ago

Thanks for highlighting this. Since this is part of the deprecated projects, we request you to refer to the projects in the cloud_connect folder. We would be deleting these projects from the repo in the upcoming releases.