abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-19 19:33:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

Check before memcpy

Browse Source
This commit is contained in:
Zhi Guan
2026-06-17 00:30:16 +08:00
parent b4906f1220
commit 8682cecb8f
4 changed files with 14 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CMakeLists.txt
View File

@@ -818,7 +818,7 @@ endif()
#
set(CPACK_PACKAGE_NAME "GmSSL")
set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
set(CPACK_PACKAGE_VERSION "3.2.0-dev.1068")
set(CPACK_PACKAGE_VERSION "3.2.0-dev.1069")
set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
set(CPACK_NSIS_MODIFY_PATH ON)
include(CPack)

2
include/gmssl/version.h
View File

@@ -18,7 +18,7 @@ extern "C" {
#define GMSSL_VERSION_NUM 30200
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1068"
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1069"
int gmssl_version_num(void);
const char *gmssl_version_str(void);

2
src/tls.c
View File

@@ -1739,7 +1739,7 @@ int tls_record_get_handshake_certificate(const uint8_t *record, uint8_t *certs,
error_print();
return -1;
}
if (datalen > TLS_MAX_CERTIFICATES_SIZE) {
if (len > TLS_MAX_CERTIFICATES_SIZE) {
error_print();
return -1;
}

15
src/tls12.c
View File

@@ -2141,9 +2141,13 @@ int tls_recv_client_hello(TLS_CONNECT *conn)
tls_send_alert(conn, TLS_alert_handshake_failure);
return -1;
}
// TODO: unify secure memcpy
common_supported_groups_cnt = sizeof(common_supported_groups)/sizeof(common_supported_groups[0]);
if (conn->ctx->supported_groups_cnt < common_supported_groups_cnt) {
common_supported_groups_cnt = conn->ctx->supported_groups_cnt;
}
memcpy(common_supported_groups, conn->ctx->supported_groups,
conn->ctx->supported_groups_cnt * sizeof(conn->ctx->supported_groups[0]));
common_supported_groups_cnt = conn->ctx->supported_groups_cnt;
common_supported_groups_cnt * sizeof(conn->ctx->supported_groups[0]));
}
if (signature_algorithms) {
@@ -2165,9 +2169,12 @@ int tls_recv_client_hello(TLS_CONNECT *conn)
tls_send_alert(conn, TLS_alert_handshake_failure);
return -1;
}
// TODO: unify secure memcpy
common_signature_algorithms_cnt = sizeof(common_signature_algorithms)/sizeof(common_signature_algorithms[0]);
if (conn->ctx->signature_algorithms_cnt < common_signature_algorithms_cnt)
common_signature_algorithms_cnt = conn->ctx->signature_algorithms_cnt;
memcpy(common_signature_algorithms, conn->ctx->signature_algorithms,
conn->ctx->signature_algorithms_cnt * sizeof(conn->ctx->signature_algorithms[0]));
common_signature_algorithms_cnt = conn->ctx->signature_algorithms_cnt;
common_signature_algorithms_cnt * sizeof(conn->ctx->signature_algorithms[0]));
}
if (signature_algorithms_cert) {