Max Ammann

icon indicating a website link https://maxammann.org/ icon indicating an email [email protected]

icon company @KittyCAD ex @trailofbits @digitalfabrik @maplibre icon location Germany

Results 232 issues of Max Ammann

Add complete trace with 3rd step for CVE-2022-39173

4 comment

Rust cargo update

Update Rust

Postponed: Introduce and use Certificate, CertificatePrivateKey and Signature types

This makes the signature more tight. Postponed because this changes the signature.

Add mutation tests

Mutation tests were introduced to verify that mutations are able to reach certain vulnerabilities in reasonable steps. They are ignored right now because they should not run in CI.

uni-test

WolfSSL: Investigate why determinism makes CDOS not work

4 comment

Resolve: https://github.com/tlspuffin/tlspuffin/blob/f0f83434c026971749ff2253bae046c7124881a1/crates/wolfssl-src/src/lib.rs#L111-L112

PUT

Rename function

Shoud be named to stderr https://github.com/tlspuffin/tlspuffin/blob/8005fb4fbefdff63e1fee79d0ec64bd9242921a3/puffin/src/log.rs#L27C19-L36

Revaluate removed debug asserts

1 comment

https://github.com/tlspuffin/tlspuffin/commit/fdbe01262ace6f4517e13bc1408be857b1749446

enhancement

Avoid SEGV when not registereing a claimer

The patches to OpenSSL currently make it crash if no claimer is registered.

bug

Adjust CLAIM_MAX_AVAILABLE_CIPHERS for claim extraction

If an OpenSSl target has more than CLAIM_MAX_AVAILABLE_CIPHERS ciphers that it might crash while extracting them. We should add proper checks to avoid chrashes when unexpected data comes from the...

question