mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 08:24:28 +01:00
Fix bug in record decompression
ssl_decompress_buf() was operating on data from the ssl context, but called at a point where this data is actually in the rec structure. Call it later so that the data is back to the ssl structure.
This commit is contained in:
parent
342d2ca9ab
commit
c40b685837
@ -5446,7 +5446,7 @@ static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl )
|
||||
#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
|
||||
|
||||
/*
|
||||
* If applicable, decrypt (and decompress) record content
|
||||
* If applicable, decrypt record content
|
||||
*/
|
||||
static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
|
||||
mbedtls_record *rec )
|
||||
@ -5572,18 +5572,6 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
|
||||
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_ZLIB_SUPPORT)
|
||||
if( ssl->transform_in != NULL &&
|
||||
ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
|
||||
{
|
||||
if( ( ret = ssl_decompress_buf( ssl ) ) != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret );
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_ZLIB_SUPPORT */
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
|
||||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||
{
|
||||
@ -6469,6 +6457,26 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
|
||||
ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 );
|
||||
ssl->in_len[1] = (unsigned char)( rec.data_len );
|
||||
|
||||
#if defined(MBEDTLS_ZLIB_SUPPORT)
|
||||
if( ssl->transform_in != NULL &&
|
||||
ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
|
||||
{
|
||||
if( ( ret = ssl_decompress_buf( ssl ) ) != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
/* Check actual (decompress) record content length against
|
||||
* configured maximum. */
|
||||
if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
|
||||
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_ZLIB_SUPPORT */
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user