yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-03 00:10:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix bug in record decompression

Browse source 
ssl_decompress_buf() was operating on data from the ssl context, but called at
a point where this data is actually in the rec structure. Call it later so
that the data is back to the ssl structure.

Signed-off-by: Simon Butcher <simon.butcher@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2020-01-03 12:18:49 +01:00 committed by Simon Butcher
parent 079864ef54
commit ae48d86cb1
1 changed files with 21 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
library/ssl_tls.c
View file

@ -5587,7 +5587,7 @@ static int ssl_check_client_reconnect( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */ #endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE && MBEDTLS_SSL_SRV_C */
/* /*
* If applicable, decrypt (and decompress) record content * If applicable, decrypt record content
*/ */
static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
mbedtls_record *rec ) mbedtls_record *rec )
@ -5710,18 +5710,6 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
} }
#if defined(MBEDTLS_ZLIB_SUPPORT)
if( ssl->transform_in != NULL &&
ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
{
if( ( ret = ssl_decompress_buf( ssl ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret );
return( ret );
}
}
#endif /* MBEDTLS_ZLIB_SUPPORT */
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
if( MBEDTLS_SSL_TRANSPORT_IS_DTLS( ssl->conf->transport ) ) if( MBEDTLS_SSL_TRANSPORT_IS_DTLS( ssl->conf->transport ) )
{ {
@ -6609,6 +6597,26 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
ssl->in_msglen = rec.data_len; ssl->in_msglen = rec.data_len;
(void)mbedtls_platform_put_uint16_be( ssl->in_len, rec.data_len ); (void)mbedtls_platform_put_uint16_be( ssl->in_len, rec.data_len );
#if defined(MBEDTLS_ZLIB_SUPPORT)
if( ssl->transform_in != NULL &&
ssl->session_in->compression == MBEDTLS_SSL_COMPRESS_DEFLATE )
{
if( ( ret = ssl_decompress_buf( ssl ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret );
return( ret );
}
/* Check actual (decompress) record content length against
* configured maximum. */
if( ssl->in_msglen > MBEDTLS_SSL_IN_CONTENT_LEN )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad message length" ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
}
#endif /* MBEDTLS_ZLIB_SUPPORT */
return( 0 ); return( 0 );
} }