mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-27 07:54:18 +01:00
Prevent potential NULL pointer dereference in ssl_read_record()
This commit is contained in:
parent
6995efe8be
commit
dedce0c35c
@ -17,6 +17,8 @@ Security
|
||||
attack was already impossible when authentication is required).
|
||||
* Check notBefore timestamp of certificates and CRLs from the future.
|
||||
* Forbid sequence number wrapping
|
||||
* Prevent potential NULL pointer dereference in ssl_read_record() (found by
|
||||
TrustInSoft)
|
||||
|
||||
Bugfix
|
||||
* Fixed X.509 hostname comparison (with non-regular characters)
|
||||
|
@ -1922,6 +1922,7 @@ int ssl_read_record( ssl_context *ssl )
|
||||
return( POLARSSL_ERR_SSL_INVALID_RECORD );
|
||||
}
|
||||
|
||||
if( ssl->state != SSL_HANDSHAKE_OVER )
|
||||
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
|
||||
|
||||
return( 0 );
|
||||
|
Loading…
Reference in New Issue
Block a user