WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

add sanity check on padSz

pull/3131/head
Jacob Barthelmeh 2020-07-13 17:17:57 -06:00
parent a77085960e
commit 85437e4097
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/internal.c
View File

@ -15335,6 +15335,13 @@ int ProcessReply(WOLFSSL* ssl)
if (ssl->options.tls1_3) { if (ssl->options.tls1_3) {
word16 i = (word16)(ssl->buffers.inputBuffer.length - word16 i = (word16)(ssl->buffers.inputBuffer.length -
ssl->keys.padSz); ssl->keys.padSz);
/* sanity check on underflow */
if (ssl->keys.padSz >= ssl->buffers.inputBuffer.length) {
WOLFSSL_ERROR(DECRYPT_ERROR);
return DECRYPT_ERROR;
}
/* Remove padding from end of plain text. */ /* Remove padding from end of plain text. */
for (--i; i > ssl->buffers.inputBuffer.idx; i--) { for (--i; i > ssl->buffers.inputBuffer.idx; i--) {
if (ssl->buffers.inputBuffer.buffer[i] != 0) if (ssl->buffers.inputBuffer.buffer[i] != 0)