ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-12 01:42:21 +08:00
Code Issues Releases Wiki Activity

Merge remote-tracking branch 'upstream-public/pr/1942' into development

Browse Source 
Resolve conflicts in ChangeLog
This commit is contained in:
Jaeden Amero 2018-08-17 14:26:51 +01:00
commit 141e767fa9
2 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -11,6 +11,8 @@ Bugfix
This improves compliance to RFC 4492, and as a result, solves This improves compliance to RFC 4492, and as a result, solves
interoperability issues with BouncyCastle. Raised by milenamil in #1157. interoperability issues with BouncyCastle. Raised by milenamil in #1157.
* Replace printf with mbedtls_printf in aria. Found by TrinityTonic in #1908. * Replace printf with mbedtls_printf in aria. Found by TrinityTonic in #1908.
* Fix potential use-after-free in mbedtls_ssl_get_max_frag_len()
and mbedtls_ssl_get_record_expansion() after a session reset. Fixes #1941.
Changes Changes
* Copy headers preserving timestamps when doing a "make install". * Copy headers preserving timestamps when doing a "make install".

9
library/ssl_tls.c
View File

@ -5973,6 +5973,9 @@ static int ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial )
ssl->transform_in = NULL; ssl->transform_in = NULL;
ssl->transform_out = NULL; ssl->transform_out = NULL;
ssl->session_in = NULL;
ssl->session_out = NULL;
memset( ssl->out_buf, 0, MBEDTLS_SSL_OUT_BUFFER_LEN ); memset( ssl->out_buf, 0, MBEDTLS_SSL_OUT_BUFFER_LEN );
if( partial == 0 ) if( partial == 0 )
memset( ssl->in_buf, 0, MBEDTLS_SSL_IN_BUFFER_LEN ); memset( ssl->in_buf, 0, MBEDTLS_SSL_IN_BUFFER_LEN );
@ -6842,14 +6845,14 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl )
size_t transform_expansion; size_t transform_expansion;
const mbedtls_ssl_transform *transform = ssl->transform_out; const mbedtls_ssl_transform *transform = ssl->transform_out;
if( transform == NULL )
return( (int) mbedtls_ssl_hdr_len( ssl ) );
#if defined(MBEDTLS_ZLIB_SUPPORT) #if defined(MBEDTLS_ZLIB_SUPPORT)
if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL ) if( ssl->session_out->compression != MBEDTLS_SSL_COMPRESS_NULL )
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
#endif #endif
if( transform == NULL )
return( (int) mbedtls_ssl_hdr_len( ssl ) );
switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) ) switch( mbedtls_cipher_get_cipher_mode( &transform->cipher_ctx_enc ) )
{ {
case MBEDTLS_MODE_GCM: case MBEDTLS_MODE_GCM: