Remove redundant length check during record header parsing
The check is in terms of the internal input buffer length and is hence likely to be originally intended to protect against overflow of the input buffer when fetching data from the underlying transport in mbedtls_ssl_fetch_input(). For locality of reasoning, it's better to perform such a check close to where it's needed, and in fact, mbedtls_ssl_fetch_input() _does_ contain an equivalent bounds check, too, rendering the bounds check in question redundant.
This commit is contained in:
parent
e2b786d40f
commit
c957e3b5f8
1 changed files with 0 additions and 7 deletions
|
@ -4935,13 +4935,6 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
|
|||
* the presence of a CID. */
|
||||
|
||||
ssl->in_msglen = ( ssl->in_len[0] << 8 ) | ssl->in_len[1];
|
||||
if( ssl->in_msglen > MBEDTLS_SSL_IN_BUFFER_LEN
|
||||
- (size_t)( ssl->in_msg - ssl->in_buf ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
|
||||
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, "
|
||||
"version = [%d:%d], msglen = %d",
|
||||
ssl->in_msgtype,
|
||||
|
|
Loading…
Reference in a new issue