feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #3131 from JacobBarthelmeh/Testing

Browse Source 
add sanity check on padSz
This commit is contained in:
toddouska
2020-07-22 16:39:27 -07:00
committed by GitHub
parent ea21d56463 85437e4097
commit d75e6d4f55
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/internal.c
View File

@ -15327,6 +15327,13 @@ int ProcessReply(WOLFSSL* ssl)
if (ssl->options.tls1_3) {
word16 i = (word16)(ssl->buffers.inputBuffer.length -
ssl->keys.padSz);
/* sanity check on underflow */
if (ssl->keys.padSz >= ssl->buffers.inputBuffer.length) {
WOLFSSL_ERROR(DECRYPT_ERROR);
return DECRYPT_ERROR;
}
/* Remove padding from end of plain text. */
for (--i; i > ssl->buffers.inputBuffer.idx; i--) {
if (ssl->buffers.inputBuffer.buffer[i] != 0)