mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 17:05:42 +01:00
Verify that f_send and f_recv send and receive the expected length
Verify that f_send and f_recv send and receive the expected length
This commit is contained in:
parent
5bd15cbfa0
commit
b878805919
@ -23,8 +23,9 @@ Changes
|
|||||||
Contributed by Mathieu Briand.
|
Contributed by Mathieu Briand.
|
||||||
* Fix typo in a comment ctr_drbg.c. Contributed by Paul Sokolovsky.
|
* Fix typo in a comment ctr_drbg.c. Contributed by Paul Sokolovsky.
|
||||||
* Remove support for the library reference configuration for picocoin.
|
* Remove support for the library reference configuration for picocoin.
|
||||||
* Add guard to validate that out_left can not be negative. Raised by
|
* Verify that when (f_send, f_recv and f_recv_timeout) send or receive
|
||||||
samoconnor in #1245.
|
more than the required length an error is returned. Raised by
|
||||||
|
Sam O'Connor in #1245.
|
||||||
|
|
||||||
= mbed TLS 2.7.0 branch released 2018-02-03
|
= mbed TLS 2.7.0 branch released 2018-02-03
|
||||||
|
|
||||||
|
@ -2422,11 +2422,11 @@ int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want )
|
|||||||
if( ret < 0 )
|
if( ret < 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
// At this point ret value is positive, verify that adding ret
|
if ( (size_t)ret > len )
|
||||||
// value to ssl->in_left doesn't cause a wraparound
|
|
||||||
if (ssl->in_left + (size_t)ret < ssl->in_left)
|
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "wraparound happened over in_left value" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1,
|
||||||
|
( "f_recv returned %d bytes but only %zu were requested",
|
||||||
|
ret, len ) );
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2479,7 +2479,9 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
|
|||||||
|
|
||||||
if( (size_t)ret > ssl->out_left )
|
if( (size_t)ret > ssl->out_left )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "f_send returned value greater than out left size" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1,
|
||||||
|
( "f_send returned %d bytes but only %zu bytes were sent",
|
||||||
|
ret, ssl->out_left ) );
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user