From 29800d2fd177a59de02fc2c1eb1027556b31758f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 7 Aug 2018 14:30:18 +0100 Subject: [PATCH] Double check that record expansion is as expected during decryption --- library/ssl_tls.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 88b39b724..dc6647d78 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4641,6 +4641,11 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl ) return( ret ); } + if( ssl->in_iv + rec.data_offset != ssl->in_msg ) + { + /* Should never happen */ + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } ssl->in_msglen = rec.data_len; ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 );