Corrected bug in decompression of expanded compression data.

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2007-11-14 07:51:39 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2007-11-14 07:51:39 +0200
commit: 2b52de53f9602eba78e2796d23f5b78b3842b8f3 (patch)
tree: baa0a22dc346f5648abdd68cdf247a536c93785d
parent: d2276d3cdfb52012ccc7de852f42dae67b1bca69 (diff)
download: gnutls-2b52de53f9602eba78e2796d23f5b78b3842b8f3.tar.gz
5 files changed, 24 insertions, 14 deletions
diff --git a/NEWS b/NEWS
index b21062bfe6..49256dbebb 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,10 @@ Copyright (C) 2004, 2005, 2006, 2007 Simon Josefsson
 Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavroyanopoulos
 See the end for copying conditions.
 
+* Version 2.0.4 (unreleased)
+
+** Corrected bug in decompression of expanded compression data.           
+
 * Version 2.0.3 (released 2007-11-10)
 
 ** This version backports several fixes from the 2.1.x branch.
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index b2420f74d3..9e3dcdb676 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -91,7 +91,7 @@ _gnutls_encrypt (gnutls_session_t session, const opaque * headers,
       /* Here comp is allocated and must be 
        * freed.
        */
-      ret = _gnutls_m_plaintext2compressed (session, &comp, plain);
+      ret = _gnutls_m_plaintext2compressed (session, &comp, &plain);
       if (ret < 0)
 	{
 	  gnutls_assert ();
@@ -160,20 +160,20 @@ _gnutls_decrypt (gnutls_session_t session, opaque * ciphertext,
 
       gcomp.data = data;
       gcomp.size = ret;
-      ret = _gnutls_m_compressed2plaintext (session, &gtxt, gcomp);
+      ret = _gnutls_m_compressed2plaintext (session, &gtxt, &gcomp);
       if (ret < 0)
 	{
 	  return ret;
 	}
 
-      if (gtxt.size > max_data_size)
+      if (gtxt.size > MAX_RECORD_RECV_SIZE)
 	{
 	  gnutls_assert ();
 	  _gnutls_free_datum (&gtxt);
 	  /* This shouldn't have happen and
 	   * is a TLS fatal error.
 	   */
-	  return GNUTLS_E_INTERNAL_ERROR;
+	  return GNUTLS_E_DECOMPRESSION_FAILED;
 	}
 
       memcpy (data, gtxt.data, gtxt.size);
diff --git a/lib/gnutls_compress.c b/lib/gnutls_compress.c
index 9e42157d8e..81faf35112 100644
--- a/lib/gnutls_compress.c
+++ b/lib/gnutls_compress.c
@@ -36,14 +36,14 @@
 int
 _gnutls_m_plaintext2compressed (gnutls_session_t session,
 				gnutls_datum_t * compressed,
-				gnutls_datum_t plaintext)
+				const gnutls_datum_t* plaintext)
 {
   int size;
   opaque *data;
 
   size =
     _gnutls_compress (session->connection_state.write_compression_state,
-		      plaintext.data, plaintext.size, &data,
+		      plaintext->data, plaintext->size, &data,
 		      MAX_RECORD_SEND_SIZE + 1024);
   if (size < 0)
     {
@@ -59,15 +59,15 @@ _gnutls_m_plaintext2compressed (gnutls_session_t session,
 int
 _gnutls_m_compressed2plaintext (gnutls_session_t session,
 				gnutls_datum_t * plain,
-				gnutls_datum_t compressed)
+				const gnutls_datum_t* compressed)
 {
   int size;
   opaque *data;
 
   size =
     _gnutls_decompress (session->connection_state.
-			read_compression_state, compressed.data,
-			compressed.size, &data, MAX_RECORD_RECV_SIZE);
+			read_compression_state, compressed->data,
+			compressed->size, &data, MAX_RECORD_RECV_SIZE);
   if (size < 0)
     {
       gnutls_assert ();
diff --git a/lib/gnutls_compress.h b/lib/gnutls_compress.h
index 13e155ec05..fe42fea7ce 100644
--- a/lib/gnutls_compress.h
+++ b/lib/gnutls_compress.h
@@ -24,7 +24,7 @@
 
 int _gnutls_m_plaintext2compressed (gnutls_session_t session,
 				    gnutls_datum_t * compressed,
-				    gnutls_datum_t plaintext);
+				    const gnutls_datum_t *plaintext);
 int _gnutls_m_compressed2plaintext (gnutls_session_t session,
 				    gnutls_datum_t * plain,
-				    gnutls_datum_t compressed);
+				    const gnutls_datum_t* compressed);
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 990526edd7..5e3492cf43 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -777,13 +777,19 @@ record_check_type (gnutls_session_t session,
 inline static int
 get_temp_recv_buffer (gnutls_session_t session, gnutls_datum_t * tmp)
 {
+size_t max_record_size;
+
+  if (gnutls_compression_get(session) != GNUTLS_COMP_NULL)
+    max_record_size = MAX_RECORD_RECV_SIZE + EXTRA_COMP_SIZE;
+  else
+    max_record_size = MAX_RECORD_RECV_SIZE;
 
   /* We allocate MAX_RECORD_RECV_SIZE length
    * because we cannot predict the output data by the record
    * packet length (due to compression).
    */
 
-  if (MAX_RECORD_RECV_SIZE > session->internals.recv_buffer.size ||
+  if (max_record_size > session->internals.recv_buffer.size ||
       session->internals.recv_buffer.data == NULL)
     {
 
@@ -791,7 +797,7 @@ get_temp_recv_buffer (gnutls_session_t session, gnutls_datum_t * tmp)
        */
       session->internals.recv_buffer.data =
 	gnutls_realloc (session->internals.recv_buffer.data,
-			MAX_RECORD_RECV_SIZE);
+			max_record_size);
 
       if (session->internals.recv_buffer.data == NULL)
 	{
@@ -799,7 +805,7 @@ get_temp_recv_buffer (gnutls_session_t session, gnutls_datum_t * tmp)
 	  return GNUTLS_E_MEMORY_ERROR;
 	}
 
-      session->internals.recv_buffer.size = MAX_RECORD_RECV_SIZE;
+      session->internals.recv_buffer.size = max_record_size;
     }
 
   tmp->data = session->internals.recv_buffer.data;
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2007-11-14 07:51:39 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2007-11-14 07:51:39 +0200
commit	2b52de53f9602eba78e2796d23f5b78b3842b8f3 (patch)
tree	baa0a22dc346f5648abdd68cdf247a536c93785d
parent	d2276d3cdfb52012ccc7de852f42dae67b1bca69 (diff)
download	gnutls-2b52de53f9602eba78e2796d23f5b78b3842b8f3.tar.gz