diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-01-03 23:48:38 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-01-03 23:51:07 +0100 |
commit | 7b65049a81ea02a92fef934318a680afd55e98d2 (patch) | |
tree | 77a6074edbc0ad184f4cce6a2b0b51ed967dc126 | |
parent | 9709393ac263d7fbd9f790c884b7b8141c6f4b13 (diff) | |
download | gnutls-7b65049a81ea02a92fef934318a680afd55e98d2.tar.gz |
Corrected bugs in record padding parsing.
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | lib/gnutls_cipher.c | 4 |
2 files changed, 5 insertions, 2 deletions
@@ -8,6 +8,9 @@ Version 2.12.22 (unreleased) ** libgnutls: Stricter RSA PKCS #1 1.5 encoding and decoding. Reported by Kikuchi Masashi. +** libgnutls: Fixed record padding parsing issue. Reported by Kenny +Patterson and Nadhem Alfardan. + ** libgnutls: Updated gnulib ** API and ABI modifications: diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c index 6b83208364..9a5d128ab9 100644 --- a/lib/gnutls_cipher.c +++ b/lib/gnutls_cipher.c @@ -461,7 +461,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, { uint8_t MAC[MAX_HASH_SIZE]; uint16_t c_length; - uint8_t pad; + unsigned int pad; int length; uint16_t blocksize; int ret, i, pad_failed = 0; @@ -537,7 +537,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, /* Check the pading bytes (TLS 1.x) */ if (_gnutls_version_has_variable_padding (ver) && pad_failed == 0) - for (i = 2; i < pad; i++) + for (i = 2; i <= pad; i++) { if (ciphertext.data[ciphertext.size - i] != ciphertext.data[ciphertext.size - 1]) |