Don't call ssl_fetch_input for record hdr size check in DTLS
In DTLS, if mbedtls_ssl_fetch_input() is called multiple times without
resetting the input buffer in between, the non-initial calls are functionally
equivalent to mere bounds checks ensuring that the incoming datagram is
large enough to hold the requested data. In the interest of code-size
and modularity (removing a call to a non-const function which is logically
const in this instance), this commit replaces such a call to
mbedtls_ssl_fetch_input() by an explicit bounds check in
ssl_parse_record_header().
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 8014268..2b57753 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4725,7 +4725,6 @@
static int ssl_parse_record_header( mbedtls_ssl_context *ssl )
{
int major_ver, minor_ver;
- int ret;
/* Parse and validate record content type and version */
@@ -4761,11 +4760,11 @@
* This would fail, for example, if we received a datagram of
* size 13 + n Bytes where n is less than the size of incoming CIDs.
*/
- ret = mbedtls_ssl_fetch_input( ssl, mbedtls_ssl_in_hdr_len( ssl ) );
- if( ret != 0 )
+ if( ssl->in_left < mbedtls_ssl_in_hdr_len( ssl ) )
{
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
- return( ret );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "datagram too short to contain DTLS record header including CID of length %u.",
+ (unsigned) mbedtls_ssl_conf_get_cid_len( ssl->conf ) ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
}
}
else