authorDaiki Ueno <dueno@redhat.com>2018-11-18 05:47:08 +0100
committerDaiki Ueno <dueno@redhat.com>2018-11-18 06:43:51 +0100
commit398ed4b42f80fd379fdc1b80cc3d02086894ed87 (patch)
treeb64c68fe3ea4ddbe8ec35ee31a048f053bf3ba9e
parent92dd7f62a42094cfe7177c7191c12711494c86a0 (diff)
downloadgnutls-398ed4b42f80fd379fdc1b80cc3d02086894ed87.tar.gz
record: gnutls_record_send_early_data: check the upper limit
Signed-off-by: Daiki Ueno <dueno@redhat.com>
-rw-r--r--lib/record.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/record.c b/lib/record.c
index 5514ddcef1..19f5b52282 100644
--- a/lib/record.c
+++ b/lib/record.c
@@ -52,6 +52,7 @@
#include <dtls.h>
#include <dh.h>
#include <random.h>
+#include <xsize.h>
struct tls_record_st {
uint16_t header_size;
@@ -2041,7 +2042,9 @@ gnutls_record_send2(gnutls_session_t session, const void *data,
* as gnutls_record_send().
*
* There may be a limit to the amount of data sent as early data. Use
- * gnutls_record_get_max_early_data_size() to check the limit.
+ * gnutls_record_get_max_early_data_size() to check the limit. If the
+ * limit exceeds, this function returns
+ * %GNUTLS_E_RECORD_LIMIT_REACHED.
*
* Returns: The number of bytes sent, or a negative error code. The
* number of bytes sent might be less than @data_size. The maximum
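Review bot: The added sentence in the doc comment reads "If the limit exceeds", which is ungrammatical and does not tell the caller what state the session is left in. Judging by the check added further down in this commit, the call returns before anything is appended to the presend buffer, so the text could say `If sending @data_size bytes would exceed the limit, no data is queued and this function returns %GNUTLS_E_RECORD_LIMIT_REACHED.` That also avoids a clash with the Returns paragraph, which says the number of bytes sent might be less than @data_size and could be read as promising a partial write. The comment block starts and ends outside this hunk.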
@@ -2059,6 +2062,12 @@ ssize_t gnutls_record_send_early_data(gnutls_session_t session,
if (session->security_parameters.entity != GNUTLS_CLIENT)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+ if (xsum(session->internals.
+ early_data_presend_buffer.length,
+ data_size) >
+ session->security_parameters.max_early_data_size)
+ return gnutls_assert_val(GNUTLS_E_RECORD_LIMIT_REACHED);
+
ret =
_gnutls_buffer_append_data(&session->internals.
early_data_presend_buffer, data,
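Review bot: The new bound check in gnutls_record_send_early_data carries no comment saying why the sum goes through `xsum()` rather than a plain `+`, and a later cleanup could easily reintroduce a wrapping addition. A one-line comment above the `if` would record it, for example `/* xsum() saturates at SIZE_MAX, so a huge data_size cannot wrap the total below the limit */`. The check is also all-or-nothing: a call that would cross `max_early_data_size` is rejected even when part of the data would still fit, which is worth stating in the same comment. Whether `security_parameters.max_early_data_size` already holds the limit from the resumed session when this runs is not visible here, so that should be confirmed against the caller path. The function body starts before and continues after this hunk.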