Add a length check in ssl_derive_keys()

commit: 4091141368654d45d6b4810a91acf113325f4fc5 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Mon Jul 07 15:30:20 2014 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Mon Jul 07 16:01:28 2014 +0200
tree: 56c45684ae9f3ca4ef6f862865be7e3477c2cbc8
parent: 511d809dd112207f4662c4af1bdf8c9c8eb0bc72 [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 562f632..2ee46f9 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -526,6 +526,12 @@
                    transform->keylen, transform->minlen, transform->ivlen,
                    transform->maclen ) );
 
+    if( transform->maclen > sizeof transform->mac_enc )
+    {
+        SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+        return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
+    }
+
     /*
      * Finally setup the cipher contexts, IVs and MAC secrets.
      */
commit	4091141368654d45d6b4810a91acf113325f4fc5	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Mon Jul 07 15:30:20 2014 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Mon Jul 07 16:01:28 2014 +0200
tree	56c45684ae9f3ca4ef6f862865be7e3477c2cbc8
parent	511d809dd112207f4662c4af1bdf8c9c8eb0bc72 [diff] [blame]