yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Get PSK length & check for buffer size before writting in ECHDE-PSK PSA version of ssl_parse_client_key_exchange()

Browse source 
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
This commit is contained in:
Neil Armstrong 2022-04-05 10:02:59 +02:00
parent 3cae167e6a
commit ede381c808
1 changed files with 4 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
library/ssl_tls12_server.c
View file

@ -4115,10 +4115,6 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
MBEDTLS_PUT_UINT16_BE( zlen, psm, 0 );
psm += zlen_size + zlen;
/* opaque psk<0..2^16-1>; */
if( psm_end - psm < 2 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
const unsigned char *psk = NULL;
size_t psk_len = 0;
@ -4130,13 +4126,14 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
*/
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
/* opaque psk<0..2^16-1>; */
if( (size_t)( psm_end - psm ) < ( 2 + psk_len ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
/* Write the PSK length as uint16 */
MBEDTLS_PUT_UINT16_BE( psk_len, psm, 0 );
psm += 2;
if( psm_end < psm || (size_t)( psm_end - psm ) < psk_len )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
/* Write the PSK itself */
memcpy( psm, psk, psk_len );
psm += psk_len;