Merge commit '8b9bcec' into dtls

* commit '8b9bcec': Stop assuming chars are signed Fix len miscalculation in buffer-based allocator Fix NULL dereference in buffer-based allocator Add test_suite_memory_buffer_alloc Add memory_buffer_alloc_self_test() Fix missing bound check Add test for ctr_drbg_update() input sanitizing Refactor for clearer correctness/security Stop assuming chars are signed Conflicts: library/ssl_tls.c
2026-02-18 16:33:01 +00:00 · 2015-01-20 16:36:03 +00:00
parent f3c500fe47 8b9bcecaae
commit f9c8a606b5
14 changed files with 270 additions and 65 deletions
--- a/include/polarssl/ctr_drbg.h
+++ b/include/polarssl/ctr_drbg.h
@@ -188,6 +188,10 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx,
 * \param ctx           CTR_DRBG context
 * \param additional    Additional data to update state with
 * \param add_len       Length of additional data
+ *
+ * \note                If add_len is greater than CTR_DRBG_MAX_SEED_INPUT,
+ *                      only the first CTR_DRBG_MAX_SEED_INPUT bytes are used,
+ *                      the remaining ones are silently discarded.
 */
 void ctr_drbg_update( ctr_drbg_context *ctx,
                      const unsigned char *additional, size_t add_len );
--- a/include/polarssl/memory_buffer_alloc.h
+++ b/include/polarssl/memory_buffer_alloc.h
@@ -115,6 +115,15 @@ void memory_buffer_alloc_status( void );
 */
 int memory_buffer_alloc_verify( void );

+#if defined(POLARSSL_SELF_TEST)
+/**
+ * \brief          Checkup routine
+ *
+ * \return         0 if successful, or 1 if a test failed
+ */
+int memory_buffer_alloc_self_test( int verbose );
+#endif
+
 #ifdef __cplusplus
 }
 #endif