TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f29d4702f703e4a3bb0aa2276e7bd6ec7b24defa^! / . / library
commitf29d4702f703e4a3bb0aa2276e7bd6ec7b24defa[log] [tgz]
authorHanno Becker <hanno.becker@arm.com>Fri Aug 10 11:31:15 2018 +0100
committerHanno Becker <hanno.becker@arm.com>Fri Aug 17 15:44:57 2018 +0100
treeaf685a2450cd2df7518e0dce2e7fd18d727145b9
parent4ccbf064ed77ef0008ed026d31f69b1d253cface [diff]
Reset in/out pointers on SSL session reset

If a previous session was interrupted during flushing, the out
pointers might point arbitrarily into the output buffer.

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f2bb748..df21cbd 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -6300,8 +6300,8 @@
     ssl->secure_renegotiation = MBEDTLS_SSL_LEGACY_RENEGOTIATION;
 
     ssl->in_offt = NULL;
+    ssl_reset_in_out_pointers( ssl );
 
-    ssl->in_msg = ssl->in_buf + 13;
     ssl->in_msgtype = 0;
     ssl->in_msglen = 0;
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -6317,7 +6317,6 @@
 
     ssl->keep_current_message = 0;
 
-    ssl->out_msg = ssl->out_buf + 13;
     ssl->out_msgtype = 0;
     ssl->out_msglen = 0;
     ssl->out_left = 0;