shimun/solo
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

Compare commits

merge into: shimun:master
Branches Tags
shimun:master
shimun:master-old
shimun:reset-timeout
shimun:max_enumeration_issue
shimun:hmac-secret-uv
shimun:cred_dfs
shimun:rgerganov-cred-meta-fix
shimun:fix_version_in_build
shimun:cbor_safety
shimun:backup_improvements
shimun:b3.1.1
shimun:aaguid_cert_update
shimun:library_refactor
shimun:all-contributors/add-Nitrokey
shimun:bump3.0.0
shimun:all-contributors/add-ccinelli
shimun:simplify_build
shimun:move_certs_and_lock_to_data
shimun:fido2_on_u2f
shimun:redue_bootloader_size
shimun:all-contributors/add-jolo1581
shimun:key-backup
shimun:ctap2_issues
shimun:nfc_conformance
shimun:all-contributors/add-oplik0
shimun:ccid
shimun:cap_button_delay
shimun:all-contributors/add-kimusan
shimun:fixb_build
shimun:update-udev-docs
shimun:nfc_fido2_fixes
shimun:documentation_improvements
shimun:bump_2.4.3
shimun:fix_cdc_interfaces
shimun:cache_button
shimun:merlokk-pps_impl
shimun:all-contributors/add-szszszsz
shimun:windows_hello_error_codes
shimun:fix-hmac-secret
shimun:fault_tolerance
shimun:extapdu
shimun:sanitize
shimun:persistedkey
shimun:fido2-conformance
shimun:8lfp9n2gyxjssac4d2c7n5pcj1ydmg6n
shimun:4.0.0
shimun:3.1.3
shimun:3.1.2
shimun:3.1.1
shimun:3.1.0
shimun:3.0.1
shimun:3.0.0
shimun:2.5.3
shimun:2.5.2
shimun:2.5.1
shimun:2.5.0
shimun:2.4.3
shimun:2.4.2
shimun:2.4.1
shimun:2.4.0
shimun:2.3.0
shimun:2.2.2
shimun:2.2.1
shimun:2.2.0
shimun:2.1.0
shimun:2.0.0
shimun:1.1.1
shimun:1.1.0
shimun:1.0.2
shimun:1.0.1
shimun:basic-hacker-build
shimun:fido2-cert
...
pull from: shimun:cbor_safety
Branches Tags
shimun:master
shimun:master-old
shimun:reset-timeout
shimun:max_enumeration_issue
shimun:hmac-secret-uv
shimun:cred_dfs
shimun:rgerganov-cred-meta-fix
shimun:fix_version_in_build
shimun:cbor_safety
shimun:backup_improvements
shimun:b3.1.1
shimun:aaguid_cert_update
shimun:library_refactor
shimun:all-contributors/add-Nitrokey
shimun:bump3.0.0
shimun:all-contributors/add-ccinelli
shimun:simplify_build
shimun:move_certs_and_lock_to_data
shimun:fido2_on_u2f
shimun:redue_bootloader_size
shimun:all-contributors/add-jolo1581
shimun:key-backup
shimun:ctap2_issues
shimun:nfc_conformance
shimun:all-contributors/add-oplik0
shimun:ccid
shimun:cap_button_delay
shimun:all-contributors/add-kimusan
shimun:fixb_build
shimun:update-udev-docs
shimun:nfc_fido2_fixes
shimun:documentation_improvements
shimun:bump_2.4.3
shimun:fix_cdc_interfaces
shimun:cache_button
shimun:merlokk-pps_impl
shimun:all-contributors/add-szszszsz
shimun:windows_hello_error_codes
shimun:fix-hmac-secret
shimun:fault_tolerance
shimun:extapdu
shimun:sanitize
shimun:persistedkey
shimun:fido2-conformance
shimun:8lfp9n2gyxjssac4d2c7n5pcj1ydmg6n
shimun:4.0.0
shimun:3.1.3
shimun:3.1.2
shimun:3.1.1
shimun:3.1.0
shimun:3.0.1
shimun:3.0.0
shimun:2.5.3
shimun:2.5.2
shimun:2.5.1
shimun:2.5.0
shimun:2.4.3
shimun:2.4.2
shimun:2.4.1
shimun:2.4.0
shimun:2.3.0
shimun:2.2.2
shimun:2.2.1
shimun:2.2.0
shimun:2.1.0
shimun:2.0.0
shimun:1.1.1
shimun:1.1.0
shimun:1.0.2
shimun:1.0.1
shimun:basic-hacker-build
shimun:fido2-cert

2 Commits
master ... cbor_safet

Author SHA1 Message Date
Conor Patrick
eac22367db limit possible recursions in tinycbor 2020-02-27 15:28:01 -05:00
Conor Patrick
47a2b131e9 more strict checks in cbor parsing 2020-02-27 15:27:23 -05:00
2 changed files with 14 additions and 3 deletions
Show Stats Expand all files Collapse all files

14
fido2/ctap_parse.c
View File

@ -666,8 +666,8 @@ uint8_t ctap_parse_extensions(CborValue * val, CTAP_extensions * ext)
if (ret == CborErrorOutOfMemory) if (ret == CborErrorOutOfMemory)
{ {
printf2(TAG_ERR,"Error, rp map key is too large. Ignoring.\n"); printf2(TAG_ERR,"Error, rp map key is too large. Ignoring.\n");
cbor_value_advance(&map); check_ret( cbor_value_advance(&map) );
cbor_value_advance(&map); check_ret( cbor_value_advance(&map) );
continue; continue;
} }
check_ret(ret); check_ret(ret);
@ -1353,11 +1353,21 @@ uint8_t ctap_parse_client_pin(CTAP_clientPin * CP, uint8_t * request, int length
break; break;
case CP_getKeyAgreement: case CP_getKeyAgreement:
printf1(TAG_CP,"CP_getKeyAgreement\n"); printf1(TAG_CP,"CP_getKeyAgreement\n");
if (cbor_value_get_type(&map) != CborBooleanType)
{
printf2(TAG_ERR,"Error, expecting cbor boolean\n");
return CTAP2_ERR_INVALID_CBOR_TYPE;
}
ret = cbor_value_get_boolean(&map, &CP->getKeyAgreement); ret = cbor_value_get_boolean(&map, &CP->getKeyAgreement);
check_ret(ret); check_ret(ret);
break; break;
case CP_getRetries: case CP_getRetries:
printf1(TAG_CP,"CP_getRetries\n"); printf1(TAG_CP,"CP_getRetries\n");
if (cbor_value_get_type(&map) != CborBooleanType)
{
printf2(TAG_ERR,"Error, expecting cbor boolean\n");
return CTAP2_ERR_INVALID_CBOR_TYPE;
}
ret = cbor_value_get_boolean(&map, &CP->getRetries); ret = cbor_value_get_boolean(&map, &CP->getRetries);
check_ret(ret); check_ret(ret);
break; break;

3
targets/stm32l432/build/application.mk
View File

@ -84,4 +84,5 @@ cbor:
cd ../../tinycbor/ && make clean cd ../../tinycbor/ && make clean
cd ../../tinycbor/ && make CC="$(CC)" AR=$(AR) \ cd ../../tinycbor/ && make CC="$(CC)" AR=$(AR) \
LDFLAGS="$(LDFLAGS_LIB)" \ LDFLAGS="$(LDFLAGS_LIB)" \
CFLAGS="$(CFLAGS) -Os" CFLAGS="$(CFLAGS) -Os -DCBOR_PARSER_MAX_RECURSIONS=3"