]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: aa6ac60)
Correct tag len check when determining how much space we have in the pkt
authorMatt Caswell <matt@openssl.org>
Mon, 13 Nov 2023 11:27:54 +0000 (11:27 +0000)
committerTomas Mraz <tomas@openssl.org>
Wed, 15 Nov 2023 10:06:52 +0000 (11:06 +0100)
If the available space is equal to the tag length then we have no available
space for plaintext data.

Fixes #22699

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22715)

ssl/quic/quic_record_tx.c patch | blob | blame | history

diff --git a/ssl/quic/quic_record_tx.c b/ssl/quic/quic_record_tx.c
index 4f86c68e1773b558dd5ce4eb4d8c4ee0e76f4fd8..c01abed0d66a4d42d60f6bcb533a610185b43a1e 100644 (file)
--- a/ssl/quic/quic_record_tx.c
+++ b/ssl/quic/quic_record_tx.c
@@ -422,7 +422,7 @@ int ossl_qtx_calculate_plaintext_payload_len(OSSL_QTX *qtx, uint32_t enc_level,
 
     tag_len = ossl_qrl_get_suite_cipher_tag_len(el->suite_id);
 
-    if (ciphertext_len < tag_len) {
+    if (ciphertext_len <= tag_len) {
         *plaintext_len = 0;
         return 0;
     }
Mirror of https://github.com/openssl/openssl.git