abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-06-19 19:33:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add certs length check

Browse Source
This commit is contained in:
Zhi Guan
2026-06-17 00:00:24 +08:00
parent 419eaca762
commit cdd43c9610
3 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CMakeLists.txt
View File

@@ -818,7 +818,7 @@ endif()
#
set(CPACK_PACKAGE_NAME "GmSSL")
set(CPACK_PACKAGE_VENDOR "GmSSL develop team")
set(CPACK_PACKAGE_VERSION "3.2.0-dev.1066")
set(CPACK_PACKAGE_VERSION "3.2.0-dev.1067")
set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md)
set(CPACK_NSIS_MODIFY_PATH ON)
include(CPack)

2
include/gmssl/version.h
View File

@@ -18,7 +18,7 @@ extern "C" {
#define GMSSL_VERSION_NUM 30200
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1066"
#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1067"
int gmssl_version_num(void);
const char *gmssl_version_str(void);

7
src/tls.c
View File

@@ -1717,7 +1717,8 @@ int tls_record_set_handshake_certificate(uint8_t *record, size_t *recordlen,
return 1;
}
// FIXME: 这个函数没有提供缓冲区的长度限制
// FIXME: 这个函数语义应该修改,只返回 uint24array[] 的证书数组,然后整个库内部都用这个结构来存储证书链、证书数组
// 目前直接用DER格式拼接到一起的设计不好。这个函数容易发生溢出
int tls_record_get_handshake_certificate(const uint8_t *record, uint8_t *certs, size_t *certslen)
{
int type;
@@ -1738,6 +1739,10 @@ int tls_record_get_handshake_certificate(const uint8_t *record, uint8_t *certs,
error_print();
return -1;
}
if (datalen > TLS_MAX_CERTIFICATES_SIZE) {
error_print();
return -1;
}
*certslen = 0;
while (len) {