You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29 lines
804 B
29 lines
804 B
5 years ago
|
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
|
||
|
|
index 65dde6899..8b34472b7 100644
|
||
|
|
--- a/lib/gnutls_cipher.c
|
||
|
|
+++ b/lib/gnutls_cipher.c
|
||
|
|
@@ -659,7 +659,11 @@ ciphertext_to_compressed(gnutls_session_t session,
|
||
|
|
* Note that we access all 256 bytes of ciphertext for padding check
|
||
|
|
* because there is a timing channel in that memory access (in certain CPUs).
|
||
|
|
*/
|
||
|
|
- if (ver->id != GNUTLS_SSL3)
|
||
|
|
+ if (ver->id == GNUTLS_SSL3) {
|
||
|
|
+ if (pad >= blocksize)
|
||
|
|
+ pad_failed = 1;
|
||
|
|
+ } else
|
||
|
|
+ {
|
||
|
|
for (i = 2; i <= MIN(256, ciphertext->size); i++) {
|
||
|
|
tmp_pad_failed |=
|
||
|
|
(compressed->
|
||
|
|
@@ -667,6 +671,7 @@ ciphertext_to_compressed(gnutls_session_t session,
|
||
|
|
pad_failed |=
|
||
|
|
((i <= (1 + pad)) & (tmp_pad_failed));
|
||
|
|
}
|
||
|
|
+ }
|
||
|
|
|
||
|
|
if (unlikely
|
||
|
|
(pad_failed != 0
|
||
|
|
--
|
||
|
|
2.14.3
|
||
|
|
|