tls: Add overread/overwrite check failure tracking
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
parent
e3dac4aaa1
commit
ad8c17b9c6
2 changed files with 51 additions and 0 deletions
|
|
@ -381,11 +381,36 @@ static inline size_t mbedtls_ssl_get_input_buflen( const mbedtls_ssl_context *ct
|
|||
* \return Zero if the needed space is available in the buffer, non-zero
|
||||
* otherwise.
|
||||
*/
|
||||
#if ! defined(MBEDTLS_TEST_HOOKS)
|
||||
static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur,
|
||||
const uint8_t *end, size_t need )
|
||||
{
|
||||
return( ( cur > end ) || ( need > (size_t)( end - cur ) ) );
|
||||
}
|
||||
#else
|
||||
typedef struct
|
||||
{
|
||||
const uint8_t *cur;
|
||||
const uint8_t *end;
|
||||
size_t need;
|
||||
} mbedtls_ssl_chk_buf_ptr_args;
|
||||
|
||||
void mbedtls_ssl_set_chk_buf_ptr_fail_args(
|
||||
const uint8_t *cur, const uint8_t *end, size_t need );
|
||||
void mbedtls_ssl_reset_chk_buf_ptr_fail_args( void );
|
||||
int mbedtls_ssl_cmp_chk_buf_ptr_fail_args( mbedtls_ssl_chk_buf_ptr_args *args );
|
||||
|
||||
static inline int mbedtls_ssl_chk_buf_ptr( const uint8_t *cur,
|
||||
const uint8_t *end, size_t need )
|
||||
{
|
||||
if( ( cur > end ) || ( need > (size_t)( end - cur ) ) )
|
||||
{
|
||||
mbedtls_ssl_set_chk_buf_ptr_fail_args( cur, end, need );
|
||||
return( 1 );
|
||||
}
|
||||
return( 0 );
|
||||
}
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief This macro checks if the remaining size in a buffer is
|
||||
|
|
|
|||
|
|
@ -58,6 +58,30 @@
|
|||
#include "mbedtls/oid.h"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
static mbedtls_ssl_chk_buf_ptr_args chk_buf_ptr_fail_args;
|
||||
|
||||
void mbedtls_ssl_set_chk_buf_ptr_fail_args(
|
||||
const uint8_t *cur, const uint8_t *end, size_t need )
|
||||
{
|
||||
chk_buf_ptr_fail_args.cur = cur;
|
||||
chk_buf_ptr_fail_args.end = end;
|
||||
chk_buf_ptr_fail_args.need = need;
|
||||
}
|
||||
|
||||
void mbedtls_ssl_reset_chk_buf_ptr_fail_args( void )
|
||||
{
|
||||
memset( &chk_buf_ptr_fail_args, 0, sizeof( chk_buf_ptr_fail_args ) );
|
||||
}
|
||||
|
||||
int mbedtls_ssl_cmp_chk_buf_ptr_fail_args( mbedtls_ssl_chk_buf_ptr_args *args )
|
||||
{
|
||||
return( ( chk_buf_ptr_fail_args.cur != args->cur ) ||
|
||||
( chk_buf_ptr_fail_args.end != args->end ) ||
|
||||
( chk_buf_ptr_fail_args.need != args->need ) );
|
||||
}
|
||||
#endif /* MBEDTLS_TEST_HOOKS */
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
|
|
@ -1103,6 +1127,8 @@ void mbedtls_ssl_session_reset_msg_layer( mbedtls_ssl_context *ssl,
|
|||
memset( ssl->in_buf, 0, in_buf_len );
|
||||
}
|
||||
|
||||
ssl->send_alert = 0;
|
||||
|
||||
/* Reset outgoing message writing */
|
||||
ssl->out_msgtype = 0;
|
||||
ssl->out_msglen = 0;
|
||||
|
|
|
|||
Loading…
Reference in a new issue