Merge pull request #6998 from SparkiDev/tls_pad_no_hash_raw_fix

TLS_hmac: when no raw hash, make sure maxSz is not neg
2023-11-27 09:37:57 -07:00
parent 9f06d337e3 bc36202087
commit 36015e9131
1 changed files with 2 additions and 0 deletions
--- a/src/tls.c
+++ b/src/tls.c
@@ -1139,6 +1139,8 @@ static int Hmac_UpdateFinal(Hmac* hmac, byte* digest, const byte* in,
    msgSz &= ~(0 - (msgSz >> 31));
    realSz = WOLFSSL_TLS_HMAC_INNER_SZ + msgSz;
    maxSz = WOLFSSL_TLS_HMAC_INNER_SZ + (sz - 1) - macSz;
+    /* Make negative result 0 */
+    maxSz &= ~(0 - (maxSz >> 31));

    /* Calculate #blocks processed in HMAC for max and real data. */
    blocks      = maxSz >> blockBits;