Commit 61885c7f authored by Paul Bakker's avatar Paul Bakker

Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites

In case full SSL frames arrived, they were rejected because an overly
strict padding check.
parent fdba4688
......@@ -11,6 +11,8 @@ Bugfix
* Typos in platform.c and pkcs11.c (found by Daniel Phillips and Steffan
Karger)
* cert_write app should use subject of issuer certificate as issuer of cert
* Fix false reject in padding check in ssl_decrypt_buf() for CBC
ciphersuites, for full SSL frames of data.
= PolarSSL 1.3.6 released on 2014-04-11
......
......@@ -1633,13 +1633,15 @@ static int ssl_decrypt_buf( ssl_context *ssl )
* Padding is guaranteed to be incorrect if:
* 1. padlen >= ssl->in_msglen
*
* 2. padding_idx > SSL_MAX_CONTENT_LEN
* 2. padding_idx >= SSL_MAX_CONTENT_LEN +
* ssl->transform_in->maclen
*
* In both cases we reset padding_idx to a safe value (0) to
* prevent out-of-buffer reads.
*/
correct &= ( ssl->in_msglen >= padlen + 1 );
correct &= ( padding_idx <= SSL_MAX_CONTENT_LEN );
correct &= ( padding_idx < SSL_MAX_CONTENT_LEN +
ssl->transform_in->maclen );
padding_idx *= correct;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment