mirror of
https://github.com/yuzu-emu/mbedtls
synced 2024-11-24 12:48:32 +00:00
Further tightened the padlen check to prevent underflow / overflow
This commit is contained in:
parent
76b8ab73cd
commit
91c61bc4fd
2 changed files with 6 additions and 5 deletions
|
@ -32,6 +32,8 @@ Security
|
|||
* Check notBefore timestamp of certificates and CRLs from the future.
|
||||
* Forbid sequence number wrapping
|
||||
* Fixed possible buffer overflow with overlong PSK
|
||||
* Possible remotely-triggered out-of-bounds memory access fixed (found by
|
||||
TrustInSoft)
|
||||
|
||||
Bugfix
|
||||
* ecp_gen_keypair() does more tries to prevent failure because of
|
||||
|
|
|
@ -1626,16 +1626,15 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
|||
|
||||
/*
|
||||
* Padding is guaranteed to be incorrect if:
|
||||
* 1. padlen - 1 > ssl->in_msglen
|
||||
* 1. padlen >= ssl->in_msglen
|
||||
*
|
||||
* 2. ssl->in_msglen + padlen >
|
||||
* SSL_MAX_CONTENT_LEN + 256 (max padding)
|
||||
* 2. padding_idx > SSL_MAX_CONTENT_LEN
|
||||
*
|
||||
* In both cases we reset padding_idx to a safe value (0) to
|
||||
* prevent out-of-buffer reads.
|
||||
*/
|
||||
correct &= ( ssl->in_msglen >= padlen - 1 );
|
||||
correct &= ( ssl->in_msglen + padlen <= SSL_MAX_CONTENT_LEN + 256 );
|
||||
correct &= ( ssl->in_msglen >= padlen + 1 );
|
||||
correct &= ( padding_idx <= SSL_MAX_CONTENT_LEN );
|
||||
|
||||
padding_idx *= correct;
|
||||
|
||||
|
|
Loading…
Reference in a new issue