projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Sanity check record length before skipping explicit IV in DTLS
[openssl.git] / ssl / d1_enc.c
diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c
index bb96c8a20ccf10794304bf6d8df6ac60424953e2..baa75f9186b2d03ef4aa122db63b2b432dc888d1 100644 (file)
--- a/ssl/d1_enc.c
+++ b/ssl/d1_enc.c
@@ -249,7 +249,7 @@ int dtls1_enc(SSL *s, int send)
                                }
                        /* TLS 1.0 does not bound the number of padding bytes by the block size.
                         * All of them must have value 'padding_length'. */
-                       if (i > (int)rec->length)
+                       if (i + bs > (int)rec->length)
                                {
                                /* Incorrect padding. SSLerr() and ssl3_alert are done
                                 * by caller: we don't want to reveal whether this is
Unnamed repository; edit this file 'description' to name the repository.