wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

internal.c: fix pad-size when more records are received at once

Browse Source 
don't consider the end of the record the end of received data as more records
may be read at once when DTLS will be supported.
This commit is contained in:
Marco Oliverio
2022-05-09 10:40:35 +02:00
parent 59fdf05155
commit 0c7e9a0104
1 changed files with 10 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/internal.c
View File

@ -17360,13 +17360,13 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
ssl->keys.decryptedCur = 1;
#ifdef WOLFSSL_TLS13
if (ssl->options.tls1_3) {
word16 i = (word16)(ssl->buffers.inputBuffer.length -
ssl->keys.padSz);
/* end of plaintext */
word16 i = (word16)(ssl->buffers.inputBuffer.idx +
ssl->curSize - ssl->specs.aead_mac_size);
/* sanity check on underflow */
if (ssl->keys.padSz >= ssl->buffers.inputBuffer.length) {
WOLFSSL_ERROR(DECRYPT_ERROR);
return DECRYPT_ERROR;
if (i > ssl->buffers.inputBuffer.length) {
WOLFSSL_ERROR(BUFFER_ERROR);
return BUFFER_ERROR;
}
/* Remove padding from end of plain text. */
@ -17374,9 +17374,12 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
if (ssl->buffers.inputBuffer.buffer[i] != 0)
break;
}
/* Get the real content type from the end of the data. */
ssl->curRL.type = ssl->buffers.inputBuffer.buffer[i];
ssl->keys.padSz = ssl->buffers.inputBuffer.length - i;
/* consider both contentType byte and MAC as padding */
ssl->keys.padSz = ssl->buffers.inputBuffer.idx
+ ssl->curSize - i;
}
#endif
}