yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-27 11:34:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Correct dangerous typo in include/polarssl/ssl.h

Browse Source 
The definition of SSL_MAC_ADD depends on the presence of the
configuration option POLARSSL_ARC4_C, which was misspelled as
POLARSSL_RC4_C in ssl.h, leading to a too small buffer and
subsequently to a buffer overflow during record processing.
This commit fixes the typo.
This commit is contained in:
Hanno Becker 2017-11-29 17:51:03 +00:00
parent 0a139f9a03
commit ad951d131d
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -11,6 +11,8 @@ Security
side. side.
Bugfix Bugfix
* Fix typo in ssl.h leading to a too small value of SSL_MAC_ADD
in case CBC is disabled but ARC4 is enabled.
* Fix memory leak in ssl_set_hostname() when called multiple times. * Fix memory leak in ssl_set_hostname() when called multiple times.
Found by projectgus and jethrogb, #836. Found by projectgus and jethrogb, #836.
* Fix usage help in ssl_server2 example. Found and fixed by Bei Lin. * Fix usage help in ssl_server2 example. Found and fixed by Bei Lin.

2
include/polarssl/ssl.h
View File

@ -303,7 +303,7 @@
#define SSL_COMPRESSION_ADD 0 #define SSL_COMPRESSION_ADD 0
#endif #endif
#if defined(POLARSSL_RC4_C) || defined(POLARSSL_CIPHER_MODE_CBC) #if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_MODE_CBC)
/* Ciphersuites using HMAC */ /* Ciphersuites using HMAC */
#if defined(POLARSSL_SHA512_C) #if defined(POLARSSL_SHA512_C)
#define SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ #define SSL_MAC_ADD 48 /* SHA-384 used for HMAC */