yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-05-13 17:42:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Correct bounds check in ssl_buffer_message()

Browse source 
The previous bounds check omitted the DTLS handshake header.
This commit is contained in:
Hanno Becker 2018-08-21 15:56:03 +01:00
parent e0b150f96b
commit 96a6c69d0c
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
library/ssl_tls.c
View file

@ -4503,7 +4503,7 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl )
* This is an implementation-specific limitation * This is an implementation-specific limitation
* and not one from the standard, hence it is not * and not one from the standard, hence it is not
* checked in ssl_check_hs_header(). */ * checked in ssl_check_hs_header(). */
if( msg_len > MBEDTLS_SSL_IN_CONTENT_LEN ) if( msg_len + 12 > MBEDTLS_SSL_IN_CONTENT_LEN )
{ {
/* Ignore message */ /* Ignore message */
goto exit; goto exit;