yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 08:45:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Don't call ssl_fetch_input for record content fetch in DTLS

Browse Source 
As explained in the previous commit, if mbedtls_ssl_fetch_input()
is called multiple times, all but the first call are equivalent to
bounds checks in the incoming datagram.
This commit is contained in:
Hanno Becker 2019-07-10 15:01:45 +01:00 committed by Manuel Pégourié-Gonnard
parent 29823466a1
commit dc4d62748c
1 changed files with 25 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
library/ssl_tls.c
View File

@ -5813,19 +5813,21 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
}
/*
* Read and optionally decrypt the message contents
* Make sure the entire record contents are available.
*
* In TLS, this means fetching them from the underlying transport.
* In DTLS, it means checking that the incoming datagram is large enough.
*/
if( ( ret = mbedtls_ssl_fetch_input( ssl,
mbedtls_ssl_in_hdr_len( ssl ) + ssl->in_msglen ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
return( ret );
}
/* Done reading this record, get ready for the next one */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( MBEDTLS_SSL_TRANSPORT_IS_DTLS( ssl->conf->transport ) )
{
if( ssl->in_left < mbedtls_ssl_in_hdr_len( ssl ) + ssl->in_msglen )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Datagram too small to contain record." ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
/* Remember offset of next record within datagram. */
ssl->next_record_offset = ssl->in_msglen + mbedtls_ssl_in_hdr_len( ssl );
if( ssl->next_record_offset < ssl->in_left )
{
@ -5833,12 +5835,24 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
}
}
MBEDTLS_SSL_TRANSPORT_ELSE
#endif
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_PROTO_TLS)
{
ret = mbedtls_ssl_fetch_input( ssl,
mbedtls_ssl_in_hdr_len( ssl ) + ssl->in_msglen );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
return( ret );
}
ssl->in_left = 0;
}
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS */
/*
* Decrypt record contents.
*/
if( ( ret = ssl_prepare_record_content( ssl ) ) != 0 )
{