mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 19:05:44 +00:00
Add run-time check for record content size in ssl_encrypt_buf
This commit is contained in:
parent
a8434e8f95
commit
d33f1ca34c
|
@ -1268,6 +1268,13 @@ static int ssl_encrypt_buf( mbedtls_ssl_context *ssl )
|
|||
MBEDTLS_SSL_DEBUG_BUF( 4, "before encrypt: output payload",
|
||||
ssl->out_msg, ssl->out_msglen );
|
||||
|
||||
if( ssl->out_msglen > MBEDTLS_SSL_MAX_CONTENT_LEN )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Record content too large, maximum %d",
|
||||
MBEDTLS_SSL_MAX_CONTENT_LEN ) );
|
||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
/*
|
||||
* Add MAC before if needed
|
||||
*/
|
||||
|
|
Loading…
Reference in a new issue