Correct bounds check in ssl_buffer_message()

The previous bounds check omitted the DTLS handshake header.
2024-10-18 19:21:11 +00:00 · 2018-08-21 15:56:03 +01:00 · 2018-08-21 15:56:03 +01:00 · 96a6c69d0c
parent e0b150f96b
commit 96a6c69d0c
1 changed files with 1 additions and 1 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -4503,7 +4503,7 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl )
                 * This is an implementation-specific limitation
                 * and not one from the standard, hence it is not
                 * checked in ssl_check_hs_header(). */
-                if( msg_len > MBEDTLS_SSL_IN_CONTENT_LEN )
+                if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN )
                {
                    /* Ignore message */
                    goto exit;