Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites
In case full SSL frames arrived, they were rejected because an overly strict padding check.
This commit is contained in:
parent
fdba46885b
commit
61885c7f7f
2 changed files with 6 additions and 2 deletions
|
@ -11,6 +11,8 @@ Bugfix
|
|||
* Typos in platform.c and pkcs11.c (found by Daniel Phillips and Steffan
|
||||
Karger)
|
||||
* cert_write app should use subject of issuer certificate as issuer of cert
|
||||
* Fix false reject in padding check in ssl_decrypt_buf() for CBC
|
||||
ciphersuites, for full SSL frames of data.
|
||||
|
||||
= PolarSSL 1.3.6 released on 2014-04-11
|
||||
|
||||
|
|
|
@ -1633,13 +1633,15 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
|||
* Padding is guaranteed to be incorrect if:
|
||||
* 1. padlen >= ssl->in_msglen
|
||||
*
|
||||
* 2. padding_idx > SSL_MAX_CONTENT_LEN
|
||||
* 2. padding_idx >= SSL_MAX_CONTENT_LEN +
|
||||
* ssl->transform_in->maclen
|
||||
*
|
||||
* In both cases we reset padding_idx to a safe value (0) to
|
||||
* prevent out-of-buffer reads.
|
||||
*/
|
||||
correct &= ( ssl->in_msglen >= padlen + 1 );
|
||||
correct &= ( padding_idx <= SSL_MAX_CONTENT_LEN );
|
||||
correct &= ( padding_idx < SSL_MAX_CONTENT_LEN +
|
||||
ssl->transform_in->maclen );
|
||||
|
||||
padding_idx *= correct;
|
||||
|
||||
|
|
Loading…
Reference in a new issue