summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2013-01-03 23:48:38 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2013-01-03 23:51:07 +0100
commit7b65049a81ea02a92fef934318a680afd55e98d2 (patch)
tree77a6074edbc0ad184f4cce6a2b0b51ed967dc126
parent9709393ac263d7fbd9f790c884b7b8141c6f4b13 (diff)
downloadgnutls-7b65049a81ea02a92fef934318a680afd55e98d2.tar.gz
Corrected bugs in record padding parsing.
-rw-r--r--NEWS3
-rw-r--r--lib/gnutls_cipher.c4
2 files changed, 5 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 56b5dc63d4..48b5e6f5c4 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,9 @@ Version 2.12.22 (unreleased)
** libgnutls: Stricter RSA PKCS #1 1.5 encoding and decoding. Reported
by Kikuchi Masashi.
+** libgnutls: Fixed record padding parsing issue. Reported by Kenny
+Patterson and Nadhem Alfardan.
+
** libgnutls: Updated gnulib
** API and ABI modifications:
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 6b83208364..9a5d128ab9 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -461,7 +461,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
{
uint8_t MAC[MAX_HASH_SIZE];
uint16_t c_length;
- uint8_t pad;
+ unsigned int pad;
int length;
uint16_t blocksize;
int ret, i, pad_failed = 0;
@@ -537,7 +537,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
/* Check the pading bytes (TLS 1.x)
*/
if (_gnutls_version_has_variable_padding (ver) && pad_failed == 0)
- for (i = 2; i < pad; i++)
+ for (i = 2; i <= pad; i++)
{
if (ciphertext.data[ciphertext.size - i] !=
ciphertext.data[ciphertext.size - 1])