Gilles Peskine 326ba3c0bb mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher ...

With stream ciphers, add a check that there's enough room to read a MAC in
the record. Without this check, subtracting the MAC length from the data
length resulted in an integer underflow, causing the MAC calculation to try
reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

2023-09-21 18:25:05 +02:00

200 KiB

Raw Blame History

View Raw