mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-30 01:24:21 +01:00
f8f61aad0f
This commit uses the previously defined macro to uniformize bounds checks in several places. It also adds bounds checks to the ClientHello writing function that were previously missing. Also, the functions adding extensions to the ClientHello message can now fail if the buffer is too small or a different error condition occurs, and moreover they take an additional buffer end parameter to free them from the assumption that one is writing to the default output buffer. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
10 lines
466 B
Plaintext
10 lines
466 B
Plaintext
Bugfix
|
|
* Add additional bounds checks in ssl_write_client_hello() preventing
|
|
output buffer overflow if the configuration declared a buffer that was
|
|
too small.
|
|
Changes
|
|
* Abort the ClientHello writing function as soon as some extension doesn't
|
|
fit into the record buffer. Previously, such extensions were silently
|
|
dropped. As a consequence, the TLS handshake now fails when the output
|
|
buffer is not large enough to hold the ClientHello.
|