aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2018-12-03 09:59:04 -0500
committerJack Lloyd <[email protected]>2018-12-03 09:59:04 -0500
commit6bf823ce117e966d51ec836af54510ecca66c818 (patch)
treea089690765170b00ff66252a5591e8efc1957fdd /src/lib/tls
parent10cde6b85d018979fd94fc1c83f27758f4b134b6 (diff)
Fix bug in TLS CBC unpadding
Regression introduced in 007314c5 Found by OSS-Fuzz (bug id 11693)
Diffstat (limited to 'src/lib/tls')
-rw-r--r--src/lib/tls/tls_cbc/tls_cbc.cpp2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/tls/tls_cbc/tls_cbc.cpp b/src/lib/tls/tls_cbc/tls_cbc.cpp
index f3ea17d42..f7f3ebc8f 100644
--- a/src/lib/tls/tls_cbc/tls_cbc.cpp
+++ b/src/lib/tls/tls_cbc/tls_cbc.cpp
@@ -235,7 +235,7 @@ uint16_t check_tls_cbc_padding(const uint8_t record[], size_t record_len)
const uint8_t pad_byte = record[record_len-1];
const uint16_t pad_bytes = 1 + pad_byte;
- auto pad_invalid = CT::Mask<uint16_t>::is_lt(rec16, pad_byte);
+ auto pad_invalid = CT::Mask<uint16_t>::is_lt(rec16, pad_bytes);
for(uint16_t i = rec16 - to_check; i != rec16; ++i)
{