Fix issue #2718 (condition always false)
This commit is contained in:
parent
c835672c51
commit
6527bd6dfc
3 changed files with 10 additions and 4 deletions
|
@ -1,5 +1,11 @@
|
|||
mbed TLS ChangeLog (Sorted per branch, date)
|
||||
|
||||
= mbed TLS 2.19.2 branch released xxxx-xx-xx
|
||||
|
||||
Bugfix
|
||||
* Remove a spurious check in ssl_parse_client_psk_identity that triggered
|
||||
a warning with some compilers. Fix contributed by irwir in #2856.
|
||||
|
||||
= mbed TLS 2.19.1 branch released 2019-09-16
|
||||
|
||||
Features
|
||||
|
|
|
@ -2339,7 +2339,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
|
|||
unsigned char *end )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
size_t len;
|
||||
uint16_t len;
|
||||
((void) ssl);
|
||||
|
||||
/*
|
||||
|
@ -2356,7 +2356,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
|
|||
len = (*p)[0] << 8 | (*p)[1];
|
||||
*p += 2;
|
||||
|
||||
if( end - (*p) < (int) len )
|
||||
if( end - (*p) < len )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message "
|
||||
"(psk_identity_hint length)" ) );
|
||||
|
|
|
@ -3810,7 +3810,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha
|
|||
const unsigned char *end )
|
||||
{
|
||||
int ret = 0;
|
||||
size_t n;
|
||||
uint16_t n;
|
||||
|
||||
if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
|
||||
{
|
||||
|
@ -3830,7 +3830,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha
|
|||
n = ( (*p)[0] << 8 ) | (*p)[1];
|
||||
*p += 2;
|
||||
|
||||
if( n < 1 || n > 65535 || n > (size_t) ( end - *p ) )
|
||||
if( n == 0 || n > end - *p )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) );
|
||||
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
|
||||
|
|
Loading…
Reference in a new issue