yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-07-09 07:50:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Prevent potential NULL pointer dereference in ssl_read_record()

Browse source
This commit is contained in:
Paul Bakker 2014-04-08 14:36:50 +02:00
parent 6995efe8be
commit dedce0c35c
2 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ChangeLog
View file

@ -17,6 +17,8 @@ Security
attack was already impossible when authentication is required). attack was already impossible when authentication is required).
* Check notBefore timestamp of certificates and CRLs from the future. * Check notBefore timestamp of certificates and CRLs from the future.
* Forbid sequence number wrapping * Forbid sequence number wrapping
* Prevent potential NULL pointer dereference in ssl_read_record() (found by
TrustInSoft)
Bugfix Bugfix
* Fixed X.509 hostname comparison (with non-regular characters) * Fixed X.509 hostname comparison (with non-regular characters)

3
library/ssl_tls.c
View file

@ -1922,7 +1922,8 @@ int ssl_read_record( ssl_context *ssl )
return( POLARSSL_ERR_SSL_INVALID_RECORD ); return( POLARSSL_ERR_SSL_INVALID_RECORD );
} }
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen ); if( ssl->state != SSL_HANDSHAKE_OVER )
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
return( 0 ); return( 0 );
} }