feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix for possible use of invalid *sslFrame and calculated headerSz in partial case with WOLFSSL_SNIFFER_CHAIN_INPUT.

Browse Source
This commit is contained in:
David Garske
2021-04-15 09:01:11 -07:00
parent d34161e482
commit 64c7830c93
1 changed files with 35 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/sniffer.c
View File

@ -4883,7 +4883,6 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
*sslFrame = ssl->buffers.inputBuffer.buffer;
*end = *sslFrame + *sslBytes;
}
}
if (vChain != NULL) {
#ifdef WOLFSSL_SNIFFER_CHAIN_INPUT
@ -4924,6 +4923,7 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo,
#endif
(void)chainSz;
}
}
if ((*session)->flags.clientHello == 0 && **sslFrame != handshake) {
/* Sanity check the packet for an old style client hello. */