Don't call ssl_fetch_input for record content fetch in DTLS
As explained in the previous commit, if mbedtls_ssl_fetch_input()
is called multiple times, all but the first call are equivalent to
bounds checks in the incoming datagram.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index bae772a..4c7f9d0 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5980,19 +5980,21 @@
}
/*
- * Read and optionally decrypt the message contents
+ * Make sure the entire record contents are available.
+ *
+ * In TLS, this means fetching them from the underlying transport.
+ * In DTLS, it means checking that the incoming datagram is large enough.
*/
- if( ( ret = mbedtls_ssl_fetch_input( ssl,
- mbedtls_ssl_in_hdr_len( ssl ) + ssl->in_msglen ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
- return( ret );
- }
-
- /* Done reading this record, get ready for the next one */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
+ if( ssl->in_left < mbedtls_ssl_in_hdr_len( ssl ) + ssl->in_msglen )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Datagram too small to contain record." ) );
+ return( MBEDTLS_ERR_SSL_INVALID_RECORD );
+ }
+
+ /* Remember offset of next record within datagram. */
ssl->next_record_offset = ssl->in_msglen + mbedtls_ssl_in_hdr_len( ssl );
if( ssl->next_record_offset < ssl->in_left )
{
@@ -6001,7 +6003,21 @@
}
else
#endif
+ {
+ ret = mbedtls_ssl_fetch_input( ssl,
+ mbedtls_ssl_in_hdr_len( ssl ) + ssl->in_msglen );
+ if( ret != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_fetch_input", ret );
+ return( ret );
+ }
+
ssl->in_left = 0;
+ }
+
+ /*
+ * Decrypt record contents.
+ */
if( ( ret = ssl_prepare_record_content( ssl ) ) != 0 )
{
