From 0c7e9a01048b351fb87e54d3bd192d60b870cd6f Mon Sep 17 00:00:00 2001
From: Marco Oliverio
Date: Mon, 9 May 2022 10:40:35 +0200
Subject: [PATCH] internal.c: fix pad-size when more records are received at once

don't consider the end of the record the end of received data as more records may be read at once when DTLS will be supported.
---
 src/internal.c | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index 2745ce123..0a74450d3 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -17360,13 +17360,13 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
 ssl->keys.decryptedCur = 1;
 #ifdef WOLFSSL_TLS13
 if (ssl->options.tls1_3) {
- word16 i = (word16)(ssl->buffers.inputBuffer.length -
- ssl->keys.padSz);
+ /* end of plaintext */
+ word16 i = (word16)(ssl->buffers.inputBuffer.idx +
+ ssl->curSize - ssl->specs.aead_mac_size);
 
- /* sanity check on underflow */
- if (ssl->keys.padSz >= ssl->buffers.inputBuffer.length) {
- WOLFSSL_ERROR(DECRYPT_ERROR);
- return DECRYPT_ERROR;
+ if (i > ssl->buffers.inputBuffer.length) {
+ WOLFSSL_ERROR(BUFFER_ERROR);
+ return BUFFER_ERROR;
 }
 
 /* Remove padding from end of plain text. */
@@ -17374,9 +17374,12 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
 if (ssl->buffers.inputBuffer.buffer[i] != 0)
 break;
 }
+
 /* Get the real content type from the end of the data. */
 ssl->curRL.type = ssl->buffers.inputBuffer.buffer[i];
- ssl->keys.padSz = ssl->buffers.inputBuffer.length - i;
+ /* consider both contentType byte and MAC as padding */
+ ssl->keys.padSz = ssl->buffers.inputBuffer.idx +
+ ssl->curSize - i;
 }
 #endif
 }
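Review bot: The `(word16)` cast on `i` in the first hunk truncates `idx + curSize - aead_mac_size` before the new bounds check runs, so a sum above 65535 wraps to a small value that passes `i > ssl->buffers.inputBuffer.length` and then selects the wrong byte as the content type. This bites in exactly the case the commit targets, several records held in one input buffer, assuming `idx` and `length` are wider than 16 bits (their declarations are outside the hunk). The removed underflow check also has no replacement: nothing visible here rejects `ssl->curSize < ssl->specs.aead_mac_size`, which would wrap the subtraction. I would keep the arithmetic in the wide type and test both bounds, `word32 i = ssl->buffers.inputBuffer.idx + ssl->curSize - ssl->specs.aead_mac_size;` followed by `if (ssl->curSize < ssl->specs.aead_mac_size || i > ssl->buffers.inputBuffer.length) {`; the `padSz` assignment in the second hunk reuses `i` and inherits the same truncation. The padding loop between the two hunks is not shown, so whether `i == length` can still reach `buffer[i]` needs confirming there.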