generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

PR: 1962

Browse Source 
Submitted by: Daniel Mentz <daniel.m@sent.com>
Reviewed by: steve@openssl.org

Fix "for dtls1_get_record() returns a bad record in one edge case" bug.
This commit is contained in:
Dr. Stephen Henson 2009-07-01 11:29:01 +00:00
parent 7171ade2c2
commit 2b3cd246e5
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ssl/d1_pkt.c
View File

@ -623,6 +623,7 @@ again:
/* this packet contained a partial record, dump it */ /* this packet contained a partial record, dump it */
if ( n != i) if ( n != i)
{ {
rr->length = 0;
s->packet_length = 0; s->packet_length = 0;
goto again; goto again;
} }
@ -636,6 +637,7 @@ again:
bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch); bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
if ( bitmap == NULL) if ( bitmap == NULL)
{ {
rr->length = 0;
s->packet_length = 0; /* dump this record */ s->packet_length = 0; /* dump this record */
goto again; /* get another record */ goto again; /* get another record */
} }
@ -660,6 +662,7 @@ again:
{ {
dtls1_record_bitmap_update(s, bitmap); dtls1_record_bitmap_update(s, bitmap);
dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num); dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num);
rr->length = 0;
s->packet_length = 0; s->packet_length = 0;
goto again; goto again;
} }