mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 11:15:43 +01:00
Prevent potential NULL pointer dereference in ssl_read_record()
This commit is contained in:
parent
563ad02663
commit
4224bc0a4f
@ -12,6 +12,8 @@ Security
|
||||
This affects certificates in the user-supplied chain except the top
|
||||
certificate. If the user-supplied chain contains only one certificates,
|
||||
it is not affected (ie, its notAfter date is properly checked).
|
||||
* Prevent potential NULL pointer dereference in ssl_read_record() (found by
|
||||
TrustInSoft)
|
||||
|
||||
Bugfix
|
||||
* The length of various ClientKeyExchange messages was not properly checked.
|
||||
|
@ -2087,6 +2087,7 @@ int ssl_read_record( ssl_context *ssl )
|
||||
return( POLARSSL_ERR_SSL_INVALID_RECORD );
|
||||
}
|
||||
|
||||
if( ssl->state != SSL_HANDSHAKE_OVER )
|
||||
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
|
||||
|
||||
return( 0 );
|
||||
|
Loading…
Reference in New Issue
Block a user