s->s2->three_byte_header = 0;
p = 0;
} else if ((bs <= 1) && (!s->s2->escape)) {
- /*-
- * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
- * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
- */
+ /*-
+ * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
+ * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
+ */
s->s2->three_byte_header = 0;
p = 0;
} else { /* we may have to use a 3 byte header */
- /*-
- * If s->s2->escape is not set, then
- * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
- * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER.
- */
+ /*-
+ * If s->s2->escape is not set, then
+ * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
+ * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER.
+ */
p = (j % bs);
p = (p == 0) ? 0 : (bs - p);
if (s->s2->escape) {
}
}
- /*-
- * Now
- * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
- * holds, and if s->s2->three_byte_header is set, then even
- * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
- */
+ /*-
+ * Now
+ * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
+ * holds, and if s->s2->three_byte_header is set, then even
+ * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
+ */
/*
* mac_size is the number of MAC bytes len is the number of data bytes we
s->s2->padding = p;
s->s2->mac_data = &(s->s2->wbuf[3]);
s->s2->wact_data = &(s->s2->wbuf[3 + mac_size]);
+
+ /*
+ * It would be clearer to write this as follows:
+ * if (mac_size + len + p > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
+ * However |len| is user input that could in theory be very large. We
+ * know |mac_size| and |p| are small, so to avoid any possibility of
+ * overflow we write it like this.
+ *
+ * In theory this should never fail because the logic above should have
+ * modified |len| if it is too big. But we are being cautious.
+ */
+ if (len > (SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER - (mac_size + p))) {
+ return -1;
+ }
/* we copy the data into s->s2->wbuf */
memcpy(s->s2->wact_data, buf, len);
if (p)
projects / openssl.git / blobdiff