artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0f32bcb) | patch
Fully initialize rrec in tls12_record_layer_open_record_protected
authortb <tb@openbsd.org>
Sun, 21 Mar 2021 19:08:22 +0000 (19:08 +0000)
committertb <tb@openbsd.org>
Sun, 21 Mar 2021 19:08:22 +0000 (19:08 +0000)
commit27e46ee688b68a3386b81874dd2881e50f8afb0e
tree96972de716341f0b0cb1c229ca4120df1c3f423ctree | snapshot
parent0f32bcb35a1b6429079a0cfe7512739d3c82914ecommit | diff
Fully initialize rrec in tls12_record_layer_open_record_protected

The CBC code path initializes rrec.padding_length in an indirect fashion
and later makes use of it for copying the MAC. This is confusing some
static analyzers as well as people investigating the whining. Avoid this
confusion and add a bit of robustness by clearing the stack variable up
front.

ok jsing
lib/libssl/tls12_record_layer.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim