mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 08:24:28 +01:00
TLS compression only allocates working buffer once
This commit is contained in:
parent
d61cc3b246
commit
1677033bc8
@ -3,6 +3,7 @@ PolarSSL ChangeLog (Sorted per branch, date)
|
|||||||
= Branch 1.3
|
= Branch 1.3
|
||||||
Changes
|
Changes
|
||||||
* RSA blinding locks for a smaller amount of time
|
* RSA blinding locks for a smaller amount of time
|
||||||
|
* TLS compression only allocates working buffer once
|
||||||
|
|
||||||
Bugfix
|
Bugfix
|
||||||
* Missing MSVC defines added
|
* Missing MSVC defines added
|
||||||
|
@ -667,6 +667,9 @@ struct _ssl_context
|
|||||||
size_t out_msglen; /*!< record header: message length */
|
size_t out_msglen; /*!< record header: message length */
|
||||||
size_t out_left; /*!< amount of data not yet written */
|
size_t out_left; /*!< amount of data not yet written */
|
||||||
|
|
||||||
|
#if defined(POLARSSL_ZLIB_SUPPORT)
|
||||||
|
unsigned char *compress_buf; /*!< zlib data buffer */
|
||||||
|
#endif
|
||||||
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
||||||
unsigned char mfl_code; /*!< MaxFragmentLength chosen by us */
|
unsigned char mfl_code; /*!< MaxFragmentLength chosen by us */
|
||||||
#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
|
#endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */
|
||||||
|
@ -706,6 +706,18 @@ int ssl_derive_keys( ssl_context *ssl )
|
|||||||
//
|
//
|
||||||
if( session->compression == SSL_COMPRESS_DEFLATE )
|
if( session->compression == SSL_COMPRESS_DEFLATE )
|
||||||
{
|
{
|
||||||
|
if( ssl->compress_buf == NULL )
|
||||||
|
{
|
||||||
|
SSL_DEBUG_MSG( 3, ( "Allocating compression buffer" ) );
|
||||||
|
ssl->compress_buf = polarssl_malloc( SSL_BUFFER_LEN );
|
||||||
|
if( ssl->compress_buf == NULL )
|
||||||
|
{
|
||||||
|
SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed",
|
||||||
|
SSL_BUFFER_LEN ) );
|
||||||
|
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) );
|
SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) );
|
||||||
|
|
||||||
memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) );
|
memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) );
|
||||||
@ -1662,20 +1674,13 @@ static int ssl_compress_buf( ssl_context *ssl )
|
|||||||
int ret;
|
int ret;
|
||||||
unsigned char *msg_post = ssl->out_msg;
|
unsigned char *msg_post = ssl->out_msg;
|
||||||
size_t len_pre = ssl->out_msglen;
|
size_t len_pre = ssl->out_msglen;
|
||||||
unsigned char *msg_pre;
|
unsigned char *msg_pre = ssl->compress_buf;
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 2, ( "=> compress buf" ) );
|
SSL_DEBUG_MSG( 2, ( "=> compress buf" ) );
|
||||||
|
|
||||||
if( len_pre == 0 )
|
if( len_pre == 0 )
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
|
||||||
msg_pre = (unsigned char*) polarssl_malloc( len_pre );
|
|
||||||
if( msg_pre == NULL )
|
|
||||||
{
|
|
||||||
SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len_pre ) );
|
|
||||||
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
|
|
||||||
}
|
|
||||||
|
|
||||||
memcpy( msg_pre, ssl->out_msg, len_pre );
|
memcpy( msg_pre, ssl->out_msg, len_pre );
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ",
|
SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ",
|
||||||
@ -1698,8 +1703,6 @@ static int ssl_compress_buf( ssl_context *ssl )
|
|||||||
|
|
||||||
ssl->out_msglen = SSL_BUFFER_LEN - ssl->transform_out->ctx_deflate.avail_out;
|
ssl->out_msglen = SSL_BUFFER_LEN - ssl->transform_out->ctx_deflate.avail_out;
|
||||||
|
|
||||||
polarssl_free( msg_pre );
|
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ",
|
SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ",
|
||||||
ssl->out_msglen ) );
|
ssl->out_msglen ) );
|
||||||
|
|
||||||
@ -1716,20 +1719,13 @@ static int ssl_decompress_buf( ssl_context *ssl )
|
|||||||
int ret;
|
int ret;
|
||||||
unsigned char *msg_post = ssl->in_msg;
|
unsigned char *msg_post = ssl->in_msg;
|
||||||
size_t len_pre = ssl->in_msglen;
|
size_t len_pre = ssl->in_msglen;
|
||||||
unsigned char *msg_pre;
|
unsigned char *msg_pre = ssl->compress_buf;
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) );
|
SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) );
|
||||||
|
|
||||||
if( len_pre == 0 )
|
if( len_pre == 0 )
|
||||||
return( 0 );
|
return( 0 );
|
||||||
|
|
||||||
msg_pre = (unsigned char*) polarssl_malloc( len_pre );
|
|
||||||
if( msg_pre == NULL )
|
|
||||||
{
|
|
||||||
SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len_pre ) );
|
|
||||||
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
|
|
||||||
}
|
|
||||||
|
|
||||||
memcpy( msg_pre, ssl->in_msg, len_pre );
|
memcpy( msg_pre, ssl->in_msg, len_pre );
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ",
|
SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ",
|
||||||
@ -1752,8 +1748,6 @@ static int ssl_decompress_buf( ssl_context *ssl )
|
|||||||
|
|
||||||
ssl->in_msglen = SSL_MAX_CONTENT_LEN - ssl->transform_in->ctx_inflate.avail_out;
|
ssl->in_msglen = SSL_MAX_CONTENT_LEN - ssl->transform_in->ctx_inflate.avail_out;
|
||||||
|
|
||||||
polarssl_free( msg_pre );
|
|
||||||
|
|
||||||
SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ",
|
SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ",
|
||||||
ssl->in_msglen ) );
|
ssl->in_msglen ) );
|
||||||
|
|
||||||
@ -4228,6 +4222,14 @@ void ssl_free( ssl_context *ssl )
|
|||||||
polarssl_free( ssl->in_ctr );
|
polarssl_free( ssl->in_ctr );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if defined(POLARSSL_ZLIB_SUPPORT)
|
||||||
|
if( ssl->compress_buf != NULL )
|
||||||
|
{
|
||||||
|
memset( ssl->compress_buf, 0, SSL_BUFFER_LEN );
|
||||||
|
polarssl_free( ssl->compress_buf );
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_DHM_C)
|
#if defined(POLARSSL_DHM_C)
|
||||||
mpi_free( &ssl->dhm_P );
|
mpi_free( &ssl->dhm_P );
|
||||||
mpi_free( &ssl->dhm_G );
|
mpi_free( &ssl->dhm_G );
|
||||||
|
Loading…
Reference in New Issue
Block a user