mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2026-03-27 22:51:11 +01:00
326ba3c0bb
With stream ciphers, add a check that there's enough room to read a MAC in the record. Without this check, subtracting the MAC length from the data length resulted in an integer underflow, causing the MAC calculation to try reading (SIZE_MAX + 1 - maclen) bytes of input, which is a buffer overread. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
4 lines
147 B
Plaintext
4 lines
147 B
Plaintext
Security
|
|
* Fix a buffer overread when parsing short TLS application data records in
|
|
ARC4 or null-cipher cipher suites. Credit to OSS-Fuzz.
|