Add a length check in ssl_derive_keys()

2025-07-29 11:41:15 +03:00 · 2014-01-18 18:22:55 +01:00
parent 2f5217ea02
commit 7cfdcb8c7f
1 changed files with 6 additions and 0 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -596,6 +596,12 @@ int ssl_derive_keys( ssl_context *ssl )
 #if defined(POLARSSL_SSL_PROTO_SSL3)
    if( ssl->minor_ver == SSL_MINOR_VERSION_0 )
    {
+        if( transform->maclen > sizeof transform->mac_enc )
+        {
+            SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
+        }
+
        memcpy( transform->mac_enc, mac_enc, transform->maclen );
        memcpy( transform->mac_dec, mac_dec, transform->maclen );
    }