mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 06:15:41 +01:00
Fix harmless use of uninitialized memory in ssl_parse_encrypted_pms
In ssl_parse_encrypted_pms, some operational failures from ssl_decrypt_encrypted_pms lead to diff being set to a value that depended on some uninitialized unsigned char and size_t values. This didn't affect the behavior of the program (assuming an implementation with no trap values for size_t) because all that matters is whether diff is 0, but Valgrind rightfully complained about the use of uninitialized memory. Behave nicely and initialize the offending memory.
This commit is contained in:
parent
725f1cb6bd
commit
0a8352b4c2
@ -3513,6 +3513,15 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
|
||||
size_t i, peer_pmslen;
|
||||
unsigned int diff;
|
||||
|
||||
/* In case of a failure in decryption, the decryption may write less than
|
||||
* 2 bytes of output, but we always read the first two bytes. It doesn't
|
||||
* matter in the end because diff will be nonzero in that case due to
|
||||
* peer_pmslen being less than 48, and we only care whether diff is 0.
|
||||
* But do initialize peer_pms for robustness anyway. This also makes
|
||||
* memory analyzers happy (don't access uninitialized memory, even
|
||||
* if it's an unsigned char). */
|
||||
peer_pms[0] = peer_pms[1] = ~0;
|
||||
|
||||
ret = ssl_decrypt_encrypted_pms( ssl, p, end,
|
||||
peer_pms,
|
||||
&peer_pmslen,
|
||||
|
Loading…
Reference in New Issue
Block a user