Fix wrong usage of counter len macro
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 25e3ca3..e636762 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -2101,7 +2101,7 @@
static int ssl_swap_epochs( mbedtls_ssl_context *ssl )
{
mbedtls_ssl_transform *tmp_transform;
- unsigned char tmp_out_ctr[8];
+ unsigned char tmp_out_ctr[MBEDTLS_SSL_COUNTER_LEN];
if( ssl->transform_out == ssl->handshake->alt_transform_out )
{
@@ -2117,9 +2117,11 @@
ssl->handshake->alt_transform_out = tmp_transform;
/* Swap epoch + sequence_number */
- memcpy( tmp_out_ctr, ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
- memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, sizeof( ssl->cur_out_ctr ) );
- memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, sizeof( ssl->handshake->alt_out_ctr ) );
+ memcpy( tmp_out_ctr, ssl->cur_out_ctr, sizeof( tmp_out_ctr ) );
+ memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr,
+ sizeof( ssl->cur_out_ctr ) );
+ memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr,
+ sizeof( ssl->handshake->alt_out_ctr ) );
/* Adjust to the newly activated transform */
mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out );
@@ -2562,7 +2564,7 @@
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
ssl->conf->transport, ssl->out_hdr + 1 );
- memcpy( ssl->out_ctr, ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
+ memcpy( ssl->out_ctr, ssl->cur_out_ctr, MBEDTLS_SSL_COUNTER_LEN );
MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0);
if( ssl->transform_out != NULL )
@@ -2574,7 +2576,7 @@
rec.data_len = ssl->out_msglen;
rec.data_offset = ssl->out_msg - rec.buf;
- memcpy( &rec.ctr[0], ssl->out_ctr, MBEDTLS_SSL_COUNTER_LEN );
+ memcpy( &rec.ctr[0], ssl->out_ctr, sizeof( rec.ctr ) );
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
ssl->conf->transport, rec.ver );
rec.type = ssl->out_msgtype;
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 79c160e..e27fdff 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1221,7 +1221,7 @@
}
memcpy( &ssl->cur_out_ctr[2], ssl->in_ctr + 2,
- MBEDTLS_SSL_COUNTER_LEN - 2 );
+ sizeof( ssl->cur_out_ctr ) - 2 );
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
if( mbedtls_ssl_dtls_replay_check( ssl ) != 0 )
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index b22db47..58b81ff 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2821,7 +2821,7 @@
/* Remember current epoch settings for resending */
ssl->handshake->alt_transform_out = ssl->transform_out;
memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr,
- sizeof( ssl->cur_out_ctr ) );
+ sizeof( ssl->handshake->alt_out_ctr ) );
/* Set sequence_number to zero */
mbedtls_platform_zeroize( &ssl->cur_out_ctr[2],
@@ -5778,11 +5778,11 @@
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
- used += 8;
+ used += MBEDTLS_SSL_COUNTER_LEN;
if( used <= buf_len )
{
- memcpy( p, ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
- p += 8;
+ memcpy( p, ssl->cur_out_ctr, MBEDTLS_SSL_COUNTER_LEN );
+ p += MBEDTLS_SSL_COUNTER_LEN;
}
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -6040,7 +6040,6 @@
if( (size_t)( end - p ) < sizeof( ssl->cur_out_ctr ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
memcpy( ssl->cur_out_ctr, p, sizeof( ssl->cur_out_ctr ) );
p += sizeof( ssl->cur_out_ctr );