lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Fix off-by-one in buffer_size usage

Browse Source 
The added null byte was accounted for twice, once by taking
opt.buffer_size+1 when allocating the buffer and once by taking opt.buffer-1
when filling the buffer. Make opt.buffer_size the size that is actually
read, it's less confusing that way.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
2022-04-06 23:34:36 +02:00
parent 8bb96d96cd
commit 99a732bf0c
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
programs/ssl/ssl_server2.c
View File

@ -3515,7 +3515,7 @@ data_exchange:
do do
{ {
int terminated = 0; int terminated = 0;
len = opt.buffer_size - 1; len = opt.buffer_size;
memset( buf, 0, opt.buffer_size ); memset( buf, 0, opt.buffer_size );
ret = mbedtls_ssl_read( &ssl, buf, len ); ret = mbedtls_ssl_read( &ssl, buf, len );
@ -3616,7 +3616,7 @@ data_exchange:
} }
else /* Not stream, so datagram */ else /* Not stream, so datagram */
{ {
len = opt.buffer_size - 1; len = opt.buffer_size;
memset( buf, 0, opt.buffer_size ); memset( buf, 0, opt.buffer_size );
do do