alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-01-20 21:52:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
cbed615e0eaff4bd6cf87aaa0c5aca9f7544c607
esp-idf/components/protocomm
History
Mahavir Jain a5601fbf0d fix(protocomm): add validation for Security1 client verifier data 
Add checks to validate client_verify_data pointer and length before
processing in handle_session_command1. Prevents NULL pointer dereference
when client omits verifier data in Session_Command1, which could cause
device crash during provisioning (remote DoS attack).

We would like to thank Pavel Kohout from Aisle Research for reporting
this vulnerability along with a mitigation strategy.
2025-12-10 14:18:55 +05:30
..
include
docs: Fix some typos
2025-04-30 18:35:39 +08:00
proto
protocomm: Generated proto-c and python files for SRP6a scheme
2022-06-17 13:16:20 +00:00
proto-c
protocomm: Generated proto-c and python files for SRP6a scheme
2022-06-17 13:16:20 +00:00
python
protocomm: Generated proto-c and python files for SRP6a scheme
2022-06-17 13:16:20 +00:00
src
fix(protocomm): add validation for Security1 client verifier data
2025-12-10 14:18:55 +05:30
test_apps
feat(esp32h4): enable ESP32H4 ci build
2025-03-28 14:41:28 +08:00
CMakeLists.txt
fix(build): clean up dependencies on driver component
2024-11-07 13:09:23 +01:00
Kconfig
feat(protocomm): add (hidden) config option to indicate security patch feature
2025-03-17 10:20:01 +05:30