[openssl/openssl] eaa206: Fix the ceiling on how much encryption growth we c...

Matt Caswell noreply at github.com
Wed Nov 2 10:25:53 UTC 2022


  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: eaa206007322ab0b1eaf9f83485e56deafc9df80
      https://github.com/openssl/openssl/commit/eaa206007322ab0b1eaf9f83485e56deafc9df80
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
    M ssl/record/rec_layer_s3.c

  Log Message:
  -----------
  Fix the ceiling on how much encryption growth we can have

Stitched ciphersuites can grow by more during encryption than the code
allowed for. We fix the calculation and add an assert to check we go it
right.

Note that this is not a security issue. Even though we can overflow the
amount of bytes reserved in the WPACKET for the encryption, the underlying
buffer is still big enough.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19517)




More information about the openssl-commits mailing list