From 7b65049a81ea02a92fef934318a680afd55e98d2 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu, 3 Jan 2013 23:48:38 +0100
Subject: Corrected bugs in record padding parsing.

---
 NEWS                | 3 +++
 lib/gnutls_cipher.c | 4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 56b5dc63d4..48b5e6f5c4 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,9 @@ Version 2.12.22 (unreleased)
 ** libgnutls: Stricter RSA PKCS #1 1.5 encoding and decoding. Reported
 by Kikuchi Masashi.
 
+** libgnutls: Fixed record padding parsing issue. Reported by Kenny
+Patterson and Nadhem Alfardan.
+
 ** libgnutls: Updated gnulib
 
 ** API and ABI modifications:
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 6b83208364..9a5d128ab9 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -461,7 +461,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
 {
   uint8_t MAC[MAX_HASH_SIZE];
   uint16_t c_length;
-  uint8_t pad;
+  unsigned int pad;
   int length;
   uint16_t blocksize;
   int ret, i, pad_failed = 0;
@@ -537,7 +537,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
       /* Check the pading bytes (TLS 1.x)
        */
       if (_gnutls_version_has_variable_padding (ver) && pad_failed == 0)
-        for (i = 2; i < pad; i++)
+        for (i = 2; i <= pad; i++)
           {
             if (ciphertext.data[ciphertext.size - i] !=
                 ciphertext.data[ciphertext.size - 1])
-- 
cgit v1.2.1