projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use #error in openssl/srp.h
[openssl.git] / ssl / s3_cbc.c
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index b20c56408445944e8f75def46944d1fff87d107c..f7997eaae326ac486332b07815eafda83496cc38 100644 (file)
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -53,7 +53,7 @@
  *
  */
 
  *
  */
 
-#include "../crypto/constant_time_locl.h"
+#include "internal/constant_time_locl.h"
 #include "ssl_locl.h"
 
 #include <openssl/md5.h>
 #include "ssl_locl.h"
 
 #include <openssl/md5.h>
@@ -397,12 +397,22 @@ void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
 
     if (k > 0) {
         if (is_sslv3) {
 
     if (k > 0) {
         if (is_sslv3) {
+            unsigned overhang;
+
             /*
              * The SSLv3 header is larger than a single block. overhang is
              * the number of bytes beyond a single block that the header
             /*
              * The SSLv3 header is larger than a single block. overhang is
              * the number of bytes beyond a single block that the header
-             * consumes: either 7 bytes (SHA1) or 11 bytes (MD5).
+             * consumes: either 7 bytes (SHA1) or 11 bytes (MD5). There are no
+             * ciphersuites in SSLv3 that are not SHA1 or MD5 based and
+             * therefore we can be confident that the header_length will be
+             * greater than |md_block_size|. However we add a sanity check just
+             * in case
              */
              */
-            unsigned overhang = header_length - md_block_size;
+            if (header_length <= md_block_size) {
+                /* Should never happen */
+                return;
+            }
+            overhang = header_length - md_block_size;
             md_transform(md_state.c, header);
             memcpy(first_block, header + md_block_size, overhang);
             memcpy(first_block + overhang, data, md_block_size - overhang);
             md_transform(md_state.c, header);
             memcpy(first_block, header + md_block_size, overhang);
             memcpy(first_block + overhang, data, md_block_size - overhang);
Unnamed repository; edit this file 'description' to name the repository.