wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 12:44:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

internal sanity checks on memcmp

Browse Source
This commit is contained in:
toddouska
2012-06-01 15:25:46 -07:00
parent 217053a780
commit ba2d7f590e
1 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/internal.c
View File

@@ -2822,7 +2822,7 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz,
/* write to output */ /* write to output */
if (ivSz) { if (ivSz) {
XMEMCPY(output + idx, iv, ivSz); XMEMCPY(output + idx, iv, min(ivSz, sizeof(iv)));
idx += ivSz; idx += ivSz;
} }
XMEMCPY(output + idx, input, inSz); XMEMCPY(output + idx, input, inSz);
@@ -4235,7 +4235,7 @@ int SetCipherList(Suites* s, const char* list)
i += RAN_LEN; i += RAN_LEN;
b = input[i++]; b = input[i++];
if (b) { if (b) {
XMEMCPY(ssl->arrays.sessionID, input + i, b); XMEMCPY(ssl->arrays.sessionID, input + i, min(b, ID_LEN));
i += b; i += b;
ssl->options.haveSessionId = 1; ssl->options.haveSessionId = 1;
} }
@@ -4506,7 +4506,7 @@ int SetCipherList(Suites* s, const char* list)
encSigSz = EncodeSignature(encodedSig, digest, digestSz, typeH); encSigSz = EncodeSignature(encodedSig, digest, digestSz, typeH);
if (encSigSz != (word32)ret || XMEMCMP(out, encodedSig, if (encSigSz != (word32)ret || XMEMCMP(out, encodedSig,
encSigSz) != 0) min(encSigSz, MAX_ENCODED_SIG_SZ)) != 0)
return VERIFY_SIGN_ERROR; return VERIFY_SIGN_ERROR;
} }
else { else {
@@ -6139,12 +6139,13 @@ int SetCipherList(Suites* s, const char* list)
sigSz = EncodeSignature(encodedSig, digest, digestSz, typeH); sigSz = EncodeSignature(encodedSig, digest, digestSz, typeH);
if (outLen == (int)sigSz && XMEMCMP(out, encodedSig,sigSz) == 0) if (outLen == (int)sigSz && XMEMCMP(out, encodedSig,
min(sigSz, MAX_ENCODED_SIG_SZ)) == 0)
ret = 0; /* verified */ ret = 0; /* verified */
} }
else { else {
if (outLen == sizeof(ssl->certHashes) && XMEMCMP(out, if (outLen == sizeof(ssl->certHashes) && XMEMCMP(out,
ssl->certHashes.md5, sizeof(ssl->certHashes)) == 0) &ssl->certHashes, sizeof(ssl->certHashes)) == 0)
ret = 0; /* verified */ ret = 0; /* verified */
} }
} }