libsec: improve fix #4: check valid length in TLS (msgRecv)
This commit should complete the work done at 90fe80e73b
Should also fix CID 155874.
This commit is contained in:
parent
f6e1c78244
commit
aa25654232
|
@ -1808,11 +1808,20 @@ msgRecv(TlsConnection *c, Msg *m)
|
|||
break;
|
||||
case HFinished:
|
||||
m->u.finished.n = c->finished.n;
|
||||
switch(m->u.finished.n){
|
||||
case TLSFinishedLen:
|
||||
case SSL3FinishedLen:
|
||||
if(n < m->u.finished.n)
|
||||
goto Short;
|
||||
memmove(m->u.finished.verify, p, m->u.finished.n);
|
||||
n -= m->u.finished.n;
|
||||
break;
|
||||
case BeforeSetVersion:
|
||||
default:
|
||||
tlsError(c, EDecodeError, "unexpected HFinished length");
|
||||
goto Err;
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
if(type != HClientHello && type != HServerHello && n != 0)
|
||||
|
|
Loading…
Reference in New Issue