diff options
| author | Jack Lloyd <[email protected]> | 2016-02-16 22:22:03 -0500 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2016-02-16 22:22:03 -0500 |
| commit | e8700f6f6062fd769dea267646f9ac951de90a05 (patch) | |
| tree | a8a832334b784f2909125ec36dd1d5a0378abe66 /src/lib/math/mp/mp_asm.cpp | |
| parent | c8d8c19861efc74e0e238f3f9c165362fd87467b (diff) | |
Reject zero length TLS records out of hand.
Later checks on the record length in CCS and record handling already
rejected a zero length record but when reading an empty record,
readbuf.size() == TLS_HEADER_SIZE and so creating the pointer
byte* record_contents = &readbuf[TLS_HEADER_SIZE];
would trigger when running under (at least) GCC'S iterator debugging,
and likely other iterator checkers also.
Since no completely empty record is defined, reject it immediately at
the record layer.
Found by Juraj Somorovsky
Also correct DTLS record handling for large messages: a zero length or
too-long packet should be dropped rather than an exception being thrown.
Diffstat (limited to 'src/lib/math/mp/mp_asm.cpp')
0 files changed, 0 insertions, 0 deletions