yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add hash length check

Browse source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-07-20 17:34:14 +08:00
parent 9750f813a7
commit 3afdf36de7
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
library/ssl_tls13_client.c
View file

@ -2036,8 +2036,12 @@ static int ssl_tls13_postprocess_new_session_ticket( mbedtls_ssl_context *ssl,
psa_hash_alg = mbedtls_psa_translate_md( ciphersuite_info->mac );
hash_length = PSA_HASH_LENGTH( psa_hash_alg );
if( hash_length == -1 )
if( hash_length == -1 ||
( size_t )hash_length > sizeof( session->resumption_key ) )
{
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
MBEDTLS_SSL_DEBUG_BUF( 3, "resumption_master_secret",
session->app_secrets.resumption_master_secret,