The branch master has been updated
via eea8723cd0d56398fc40d0337e9e730961c9c2fa (commit)
from 358558eba8a55e152d7ffcdf98cd561f46aeb9a3 (commit)
- Log -----------------------------------------------------------------
commit eea8723cd0d56398fc40d0337e9e730961c9c2fa
Author: Adam Langley <a...@chromium.org>
Date: Mon Aug 8 13:36:55 2016 -0700
Fix test of first of 255 CBC padding bytes.
Thanks to Peter Gijsels for pointing out that if a CBC record has 255
bytes of padding, the first was not being checked.
(This is an import of change 80842bdb from BoringSSL.)
Reviewed-by: Emilia Käsper <emi...@openssl.org>
Reviewed-by: Rich Salz <rs...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1431)
-----------------------------------------------------------------------
Summary of changes:
ssl/record/ssl3_record.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index ad240bc..49c6756 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -1149,9 +1149,9 @@ int tls1_cbc_remove_padding(const SSL *s,
* maximum amount of padding possible. (Again, the length of the record
* is public information so we can use it.)
*/
- to_check = 255; /* maximum amount of padding. */
- if (to_check > rec->length - 1)
- to_check = rec->length - 1;
+ to_check = 256; /* maximum amount of padding, inc length byte.
*/
+ if (to_check > rec->length)
+ to_check = rec->length;
for (i = 0; i < to_check; i++) {
unsigned char mask = constant_time_ge_8(padding_length, i);
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
