diff options
author | Jack Lloyd <[email protected]> | 2018-12-03 09:59:04 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-12-03 09:59:04 -0500 |
commit | 6bf823ce117e966d51ec836af54510ecca66c818 (patch) | |
tree | a089690765170b00ff66252a5591e8efc1957fdd /src/lib/tls | |
parent | 10cde6b85d018979fd94fc1c83f27758f4b134b6 (diff) |
Fix bug in TLS CBC unpadding
Regression introduced in 007314c5
Found by OSS-Fuzz (bug id 11693)
Diffstat (limited to 'src/lib/tls')
-rw-r--r-- | src/lib/tls/tls_cbc/tls_cbc.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/tls/tls_cbc/tls_cbc.cpp b/src/lib/tls/tls_cbc/tls_cbc.cpp index f3ea17d42..f7f3ebc8f 100644 --- a/src/lib/tls/tls_cbc/tls_cbc.cpp +++ b/src/lib/tls/tls_cbc/tls_cbc.cpp @@ -235,7 +235,7 @@ uint16_t check_tls_cbc_padding(const uint8_t record[], size_t record_len) const uint8_t pad_byte = record[record_len-1]; const uint16_t pad_bytes = 1 + pad_byte; - auto pad_invalid = CT::Mask<uint16_t>::is_lt(rec16, pad_byte); + auto pad_invalid = CT::Mask<uint16_t>::is_lt(rec16, pad_bytes); for(uint16_t i = rec16 - to_check; i != rec16; ++i) { |