Merge pull request #72 from wolfSSL/smallstack

dummy buffer replacement in timing resistant functions.
2015-06-04 11:38:50 -07:00 · 2015-06-04 11:38:50 -07:00 · 670c325f29
parent defd1f9f94 3d41595ed4
commit 670c325f29
1 changed files with 4 additions and 6 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -6062,11 +6062,10 @@ static int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int t,
                           int pLen, int content)
 {
    byte verify[MAX_DIGEST_SIZE];
-    byte dummy[MAX_PAD_SIZE];
+    byte dmy[sizeof(WOLFSSL) >= MAX_PAD_SIZE ? 1 : MAX_PAD_SIZE] = {0};
+    byte* dummy = sizeof(dmy) < MAX_PAD_SIZE ? (byte*) ssl : dmy;
    int  ret = 0;

-    XMEMSET(dummy, 1, sizeof(dummy));
-
    if ( (t + padLen + 1) > pLen) {
        WOLFSSL_MSG("Plain Len not long enough for pad/mac");
        PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE);
@ -6300,9 +6299,8 @@ static INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz,
        else {  /* sslv3, some implementations have bad padding, but don't
                 * allow bad read */
            int  badPadLen = 0;
-            byte dummy[MAX_PAD_SIZE];
-
-            XMEMSET(dummy, 1, sizeof(dummy));
+            byte dmy[sizeof(WOLFSSL) >= MAX_PAD_SIZE ? 1 : MAX_PAD_SIZE] = {0};
+            byte* dummy = sizeof(dmy) < MAX_PAD_SIZE ? (byte*) ssl : dmy;

            if (pad > (msgSz - digestSz - 1)) {
                WOLFSSL_MSG("Plain Len not long enough for pad/mac");