Fix another use of uinitialized memory in ssl_parse_encrypted_pms

Complement to 0a8352b4: peer_pmslen is not initialized when decryption fails, so '|= peer_pmslen' may access uninitialized memory, as indicated by Frama-C/Eva. Co-authored-by: Gilles Peskine <gilles.peskine@arm.com> Signed-off-by: André Maroneze <maroneze@users.noreply.github.com>
2024-11-22 05:55:40 +01:00 · 2020-11-12 09:37:42 +01:00 · 2020-11-12 09:37:42 +01:00 · e78a0c3e14
commit e78a0c3e14
parent 481ff8e621
1 changed files with 5 additions and 4 deletions
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@ -3587,11 +3587,12 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
    /* In case of a failure in decryption, the decryption may write less than
     * 2 bytes of output, but we always read the first two bytes. It doesn't
     * matter in the end because diff will be nonzero in that case due to
-     * peer_pmslen being less than 48, and we only care whether diff is 0.
-     * But do initialize peer_pms for robustness anyway. This also makes
-     * memory analyzers happy (don't access uninitialized memory, even
-     * if it's an unsigned char). */
+     * ret being nonzero, and we only care whether diff is 0.
+     * But do initialize peer_pms and peer_pmslen for robustness anyway. This
+     * also makes memory analyzers happy (don't access uninitialized memory,
+     * even if it's an unsigned char). */
    peer_pms[0] = peer_pms[1] = ~0;
+    peer_pmslen = 0;

    ret = ssl_decrypt_encrypted_pms( ssl, p, end,
                                     peer_pms,