commit 9aec1c71f2055c742ba854359cbc25f302224e14
author Waleed Elmelegy <waleed.elmelegy@arm.com> Tue Dec 05 20:08:51 2023 +0000
committer Waleed Elmelegy <waleed.elmelegy@arm.com> Wed Dec 06 15:18:15 2023 +0000
tree ac71312311ab392b2d204686e9bc378ba90af946
parent f482dcc6c7a6003a86a69948f1f05f4e9490967e

Add record size checking during handshake

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 7a8c759..419185c 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7004,6 +7004,7 @@
     const mbedtls_x509_crt *crt;
     const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
         ssl->handshake->ciphersuite_info;
+    int max_out_record_len = mbedtls_ssl_get_max_out_record_payload(ssl);
 
     MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate"));
 
@@ -7048,10 +7049,10 @@
 
     while (crt != NULL) {
         n = crt->raw.len;
-        if (n > MBEDTLS_SSL_OUT_CONTENT_LEN - 3 - i) {
+        if (n > max_out_record_len - 3 - i) {
             MBEDTLS_SSL_DEBUG_MSG(1, ("certificate too large, %" MBEDTLS_PRINTF_SIZET
                                       " > %" MBEDTLS_PRINTF_SIZET,
-                                      i + 3 + n, (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN));
+                                      i + 3 + n, (size_t) max_out_record_len));
             return MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL;
         }