if (!clear)
{
mac_size=EVP_MD_CTX_size(s->read_hash);
+ if (mac_size <= 0)
+ {
+ al=SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_BAD_MAC_LENGTH);
+ goto f_err;
+ }
if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)
{
#define SSL_R_BAD_HELLO_REQUEST 105
#define SSL_R_BAD_LENGTH 271
#define SSL_R_BAD_MAC_DECODE 113
+#define SSL_R_BAD_MAC_LENGTH 333
#define SSL_R_BAD_MESSAGE_TYPE 114
#define SSL_R_BAD_PACKET_LENGTH 115
#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
{ERR_REASON(SSL_R_BAD_HELLO_REQUEST) ,"bad hello request"},
{ERR_REASON(SSL_R_BAD_LENGTH) ,"bad length"},
{ERR_REASON(SSL_R_BAD_MAC_DECODE) ,"bad mac decode"},
+{ERR_REASON(SSL_R_BAD_MAC_LENGTH) ,"bad mac length"},
{ERR_REASON(SSL_R_BAD_MESSAGE_TYPE) ,"bad message type"},
{ERR_REASON(SSL_R_BAD_PACKET_LENGTH) ,"bad packet length"},
{ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),"bad protocol version number"},
projects / openssl.git / commitdiff