From 9f81231fb84736c11fdae47b2f707c6e3127ddbb Mon Sep 17 00:00:00 2001
From: Simon Butcher
Date: Mon, 28 Sep 2015 19:22:33 +0100
Subject: [PATCH] Revised hostname length check from review
---
 include/mbedtls/ssl.h | 3 +--
 library/ssl_tls.c | 2 +-
 2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 780aa62a9..767b06633 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -139,8 +139,7 @@
 #define MBEDTLS_SSL_TRANSPORT_STREAM 0 /*!< TLS */
 #define MBEDTLS_SSL_TRANSPORT_DATAGRAM 1 /*!< DTLS */
-#define MBEDTLS_SSL_MAX_HOST_NAME 255 /*!< Maximum host name
-defined in RFC 1035 */
+#define MBEDTLS_SSL_MAX_HOST_NAME_LEN 255 /*!< Maximum host name defined in RFC 1035 */
 /* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c * NONE must be zero so that memset()ing structure to zero works */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 23165a43d..9702971b4 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5833,7 +5833,7 @@ int mbedtls_ssl_set_hostname( mbedtls_ssl_context *ssl, const char *hostname )
 if( hostname_len + 1 == 0 )
 return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- if( hostname_len > MBEDTLS_SSL_MAX_HOST_NAME )
+ if( hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN )
 return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 ssl->hostname = mbedtls_calloc( 1, hostname_len + 1 );
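Review bot: The doc comment on `MBEDTLS_SSL_MAX_HOST_NAME_LEN` in ssl.h still reads "Maximum host name", which gives neither the unit nor whether the terminating NUL is counted. The check in mbedtls_ssl_set_hostname rejects `hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN` and then allocates `hostname_len + 1`, so the limit evidently excludes the terminator; I would state that: `/*!< Maximum host name length in bytes, excluding the terminating NUL (RFC 1035) */`. With the 255 cap in place, the preceding `hostname_len + 1 == 0` test can only fire for a length the cap already rejects with the same error code, so a one-line comment that it is kept as a defensive overflow guard would make the intent clear. The function body starts and ends outside the hunk, so how `hostname_len` is obtained is not visible here.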