yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-12-23 19:05:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't call ssl_fetch_input for record hdr size check in DTLS

Browse source 
In DTLS, if mbedtls_ssl_fetch_input() is called multiple times without
resetting the input buffer in between, the non-initial calls are functionally
equivalent to mere bounds checks ensuring that the incoming datagram is
large enough to hold the requested data. In the interest of code-size
and modularity (removing a call to a non-const function which is logically
const in this instance), this commit replaces such a call to
mbedtls_ssl_fetch_input() by an explicit bounds check in
ssl_parse_record_header().
This commit is contained in:
Hanno Becker 2019-07-10 14:53:43 +01:00
parent e538d8287e
commit 59be60e98b
1 changed files with 4 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
library/ssl_tls.c
View file

@ -4894,7 +4894,6 @@ static int ssl_check_record_type( uint8_t record_type )
static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
{
int major_ver, minor_ver;
int ret;
/* Parse and validate record content type and version */
@ -4930,11 +4929,11 @@ static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
* This would fail, for example, if we received a datagram of
* size 13 + n Bytes where n is less than the size of incoming CIDs.
*/
ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_in_hdr_len( ssl ) );
if( ret != 0 )
if( ssl->in_left < mbedtls_ssl_in_hdr_len( ssl ) )
{
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
return( ret );
MBEDTLS_SSL_DEBUG_MSG( 1, ( "datagram too short to contain DTLS record header including CID of length %u.",
(unsigned) mbedtls_ssl_conf_get_cid_len( ssl->conf ) ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
}
else