mirror of
https://gitdl.cn/https://github.com/chakralinux/lib32.git
synced 2025-01-27 13:22:17 +08:00
33 lines
1.3 KiB
Diff
33 lines
1.3 KiB
Diff
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
|
|
index 198cb34..3caa5ac 100644
|
|
--- a/lib/gnutls_cipher.c
|
|
+++ b/lib/gnutls_cipher.c
|
|
@@ -710,7 +710,11 @@ ciphertext_to_compressed (gnutls_session_t session,
|
|
return gnutls_assert_val(ret);
|
|
|
|
if (unlikely((unsigned)length_to_decrypt > compressed->size))
|
|
- return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
|
|
+ {
|
|
+ _gnutls_audit_log(session, "Received %u bytes, while expecting less than %u\n",
|
|
+ (unsigned int)length_to_decrypt, (unsigned int)compressed->size);
|
|
+ return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
|
|
+ }
|
|
|
|
ret =
|
|
_gnutls_auth_cipher_decrypt2 (¶ms->read.cipher_state,
|
|
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
|
|
index 993ddb9..4795711 100644
|
|
--- a/lib/gnutls_record.c
|
|
+++ b/lib/gnutls_record.c
|
|
@@ -1193,8 +1193,8 @@ begin:
|
|
/* We allocate the maximum possible to allow few compressed bytes to expand to a
|
|
* full record.
|
|
*/
|
|
- decrypted = _mbuffer_alloc(MAX_RECORD_RECV_SIZE(session),
|
|
- MAX_RECORD_RECV_SIZE(session));
|
|
+ t.size = _gnutls_get_max_decrypted_data(session);
|
|
+ decrypted = _mbuffer_alloc(t.size, t.size);
|
|
if (decrypted == NULL)
|
|
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
|
|
|