Package: gnutls26 / 2.12.20-8+deb7u5

32_record-padding-parsing.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
From 7b65049a81ea02a92fef934318a680afd55e98d2 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Thu, 3 Jan 2013 23:48:38 +0100
Subject: [PATCH 07/11] Corrected bugs in record padding parsing.

libgnutls: Fixed record padding parsing issue. Reported by Kenny
Patterson and Nadhem Alfardan.
http://gitorious.org/gnutls/gnutls/commit/7b65049a81ea02a92fef934318a680afd55e98d2

 
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 6b83208..9a5d128 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -461,7 +461,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
 {
   uint8_t MAC[MAX_HASH_SIZE];
   uint16_t c_length;
-  uint8_t pad;
+  unsigned int pad;
   int length;
   uint16_t blocksize;
   int ret, i, pad_failed = 0;
@@ -537,7 +537,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
       /* Check the pading bytes (TLS 1.x)
        */
       if (_gnutls_version_has_variable_padding (ver) && pad_failed == 0)
-        for (i = 2; i < pad; i++)
+        for (i = 2; i <= pad; i++)
           {
             if (ciphertext.data[ciphertext.size - i] !=
                 ciphertext.data[ciphertext.size - 1])
-- 
1.7.10.4