Backport 2.1: Add guard to out_left to avoid negative values

Return error when f_send returns a value greater than out_left
mohammad1603 2018-02-22 04:29:04 -08:00
parent ac33180219
commit f65add4f60
2 changed files with 12 additions and 0 deletions

@ -11,8 +11,14 @@ Bugfix
with flag MBEDTLS_X509_BADCERT_BAD_PK even when the key type was correct. with flag MBEDTLS_X509_BADCERT_BAD_PK even when the key type was correct.
In the context of SSL, this resulted in handshake failure. #1351 In the context of SSL, this resulted in handshake failure. #1351
Changes
* Add guard to validate that out_left can not be negative. Raised by
samoconnor in #1245.
= mbed TLS 2.1.10 branch released 2018-02-03 = mbed TLS 2.1.10 branch released 2018-02-03
Security Security
* Fix a heap corruption issue in the implementation of the truncated HMAC * Fix a heap corruption issue in the implementation of the truncated HMAC
extension. When the truncated HMAC extension is enabled and CBC is used, extension. When the truncated HMAC extension is enabled and CBC is used,
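
Review bot: The ChangeLog entry added under Changes ("Add guard to validate that out_left can not be negative") does not say what triggers the guard or what callers now see. The code change compares `(size_t)ret` against `ssl->out_left`, so what is being prevented looks like an unsigned wrap-around of out_left rather than a negative value, and the trigger is an f_send callback reporting more bytes than were left to send. Suggest rewording the entry to name mbedtls_ssl_flush_output, the f_send condition and the new MBEDTLS_ERR_SSL_INTERNAL_ERROR return, and consider whether it belongs under Bugfix rather than Changes, since it alters the return value when the callback misbehaves. "can not" should also read "cannot".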

@ -2449,6 +2449,12 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl )
if( ret <= 0 ) if( ret <= 0 )
return( ret ); return( ret );
if( (size_t)ret > ssl->out_left )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "f_send returned value greater than out left size" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
ssl->out_left -= ret; ssl->out_left -= ret;
} }
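
Review bot: The cast in `if( (size_t)ret > ssl->out_left )` is only safe because the preceding `if( ret <= 0 ) return( ret );` has already rejected non-positive values; a one-line comment stating that dependency would keep a later reorder from turning a negative ret into a very large size_t and hiding the callback's own error code behind MBEDTLS_ERR_SSL_INTERNAL_ERROR. The debug message would be more useful for diagnosing a faulty f_send if it printed both ret and ssl->out_left, and "out left size" should read "out_left". The commit changes only two files and adds no test that drives an f_send callback returning more than it was asked to send, so the new error path is unexercised; a test for it would be worth adding.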