| commit | 6992eb762cd7364208acb68abfe5391aa2d0322d | [log] [tgz] |
|---|---|---|
| author | Paul Bakker <p.j.bakker@polarssl.org> | Tue Dec 31 11:35:16 2013 +0100 |
| committer | Paul Bakker <p.j.bakker@polarssl.org> | Tue Dec 31 11:38:33 2013 +0100 |
| tree | f40269966b45ef5cb95254913917a44f801c058d | |
| parent | 6ea1a95ce831f66793f5db99dbb36e5a11a62618 [diff] [blame] |
Fixed potential overflow in certificate size in ssl_write_certificate()
diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 6ea2821..e738028 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c
@@ -2453,7 +2453,7 @@ while( crt != NULL ) { n = crt->raw.len; - if( i + 3 + n > SSL_MAX_CONTENT_LEN ) + if( n > SSL_MAX_CONTENT_LEN - 3 - i ) { SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d", i + 3 + n, SSL_MAX_CONTENT_LEN ) );