From 452d53295599c310a64d4dcaa8f8ebefdbcae78c Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Thu, 5 Apr 2012 12:07:34 +0000
Subject: [PATCH]  - Fixed potential memory corruption on miscrafted client
 messages (found by Frama-C team at CEA LIST)

---
 ChangeLog         | 4 ++++
 library/ssl_tls.c | 7 +++++++
 2 files changed, 11 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 5849ceba1..dd07b0cd8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -22,6 +22,10 @@ Bugfix
    * Fixed handling error in mpi_cmp_mpi() on longer B values (found by
      Hui Dong)
 
+Security
+   * Fixed potential memory corruption on miscrafted client messages (found by
+     Frama-C team at CEA LIST)
+
 = Version 1.1.1 released on 2012-01-23
 Bugfix
    * Check for failed malloc() in ssl_set_hostname() and x509_get_entries()
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index bbe8388a6..64012e54f 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -880,6 +880,13 @@ static int ssl_decrypt_buf( ssl_context *ssl )
     /*
      * Always compute the MAC (RFC4346, CBCTIME).
      */
+    if( ssl->in_msglen <= ssl->maclen + padlen )
+    {
+        SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
+                    ssl->in_msglen, ssl->maclen, padlen ) );
+        return( POLARSSL_ERR_SSL_INVALID_MAC );
+    }
+
     ssl->in_msglen -= ( ssl->maclen + padlen );
 
     ssl->in_hdr[3] = (unsigned char)( ssl->in_msglen >> 8 );