Add a return value check to tls13_buffer_extend(). - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2020-03-10 17:11:25 +0000
committer	jsing <>	2020-03-10 17:11:25 +0000
commit	76ffd547d39ae8e7e343710553d13ff568e7d3ef (patch)
tree	c720eff828444a92c90ec50ed52364e1de455f30 /src/lib/libc/string/timingsafe_memcmp.c
parent	7895b558af2262d6d71a405d98e524b072c4a3d8 (diff)
download	openbsd-76ffd547d39ae8e7e343710553d13ff568e7d3ef.tar.gz openbsd-76ffd547d39ae8e7e343710553d13ff568e7d3ef.tar.bz2 openbsd-76ffd547d39ae8e7e343710553d13ff568e7d3ef.zip

Add a return value check to tls13_buffer_extend().

In the unlikely event that the return value from the read callback is larger than the number of bytes we asked for, we can end up incrementing buf->len beyond capacity. Check the return value from the read callback to prevent this. ok inoguchi@ tb@

Diffstat (limited to 'src/lib/libc/string/timingsafe_memcmp.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: