Fix off-by-one in buffer_size usage

The added null byte was accounted for twice, once by taking
opt.buffer_size+1 when allocating the buffer and once by taking opt.buffer-1
when filling the buffer. Make opt.buffer_size the size that is actually
read, it's less confusing that way.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2022-04-06 23:34:36 +02:00
parent 736d91dae6
commit a30439a7f9

View file

@ -3464,7 +3464,7 @@ data_exchange:
do
{
int terminated = 0;
len = opt.buffer_size - 1;
len = opt.buffer_size;
memset( buf, 0, opt.buffer_size );
ret = mbedtls_ssl_read( &ssl, buf, len );
@ -3565,7 +3565,7 @@ data_exchange:
}
else /* Not stream, so datagram */
{
len = opt.buffer_size - 1;
len = opt.buffer_size;
memset( buf, 0, opt.buffer_size );
do