Safer buffer comparisons in the SSL modules

commit: 31ff1d2e4fb9ea0b9ffccff990e780bbc3369d7b [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Oct 28 13:46:11 2013 +0100
committer: Paul Bakker <p.j.bakker@polarssl.org> Thu Oct 31 14:23:12 2013 +0100
tree: 0705c7da7a6f89a82a1f3a48181b2453eb0c335b
parent: 291f9af935e8cbe78216c93ae3b62728e4e62729 [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b8bc188..3d9e5a3 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -1711,7 +1711,7 @@
         SSL_DEBUG_BUF( 4, "computed mac", ssl->in_msg + ssl->in_msglen,
                        ssl->transform_in->maclen );
 
-        if( memcmp( tmp, ssl->in_msg + ssl->in_msglen,
+        if( safer_memcmp( tmp, ssl->in_msg + ssl->in_msglen,
                          ssl->transform_in->maclen ) != 0 )
         {
 #if defined(POLARSSL_SSL_DEBUG_ALL)
@@ -3192,7 +3192,7 @@
         return( POLARSSL_ERR_SSL_BAD_HS_FINISHED );
     }
 
-    if( memcmp( ssl->in_msg + 4, buf, hash_len ) != 0 )
+    if( safer_memcmp( ssl->in_msg + 4, buf, hash_len ) != 0 )
     {
         SSL_DEBUG_MSG( 1, ( "bad finished message" ) );
         return( POLARSSL_ERR_SSL_BAD_HS_FINISHED );
commit	31ff1d2e4fb9ea0b9ffccff990e780bbc3369d7b	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Mon Oct 28 13:46:11 2013 +0100
committer	Paul Bakker <p.j.bakker@polarssl.org>	Thu Oct 31 14:23:12 2013 +0100
tree	0705c7da7a6f89a82a1f3a48181b2453eb0c335b
parent	291f9af935e8cbe78216c93ae3b62728e4e62729 [diff] [blame]