Skip to content

Commit 9d8b6c4

Browse files
committed
Use curSize for content-only input length in handshake/ack handlers
Since ProcessReply already reduces curSize by padSz after decryption, use curStartIdx + curSize to bound content data instead of recomputing it from buffer.length - padSz. This removes three more padSz references from message processing code.
1 parent 607e2ad commit 9d8b6c4

2 files changed

Lines changed: 9 additions & 7 deletions

File tree

src/internal.c

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -18781,9 +18781,9 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
1878118781
return DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz);
1878218782
}
1878318783

18784-
inputLength = ssl->buffers.inputBuffer.length - *inOutIdx;
18785-
if (IsEncryptionOn(ssl, 0))
18786-
inputLength -= ssl->keys.padSz;
18784+
/* curSize has already been reduced to content-only (padSz subtracted)
18785+
* in ProcessReply, so curStartIdx + curSize bounds the content. */
18786+
inputLength = ssl->curStartIdx + ssl->curSize - *inOutIdx;
1878718787

1878818788
/* If there is a pending fragmented handshake message,
1878918789
* pending message size will be non-zero. */
@@ -23634,9 +23634,9 @@ static int DoProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
2363423634
word32 processedSize = 0;
2363523635
ret = DoDtls13Ack(ssl, ssl->buffers.inputBuffer.buffer +
2363623636
ssl->buffers.inputBuffer.idx,
23637-
ssl->buffers.inputBuffer.length -
23638-
ssl->buffers.inputBuffer.idx -
23639-
ssl->keys.padSz, &processedSize);
23637+
ssl->curStartIdx + ssl->curSize -
23638+
ssl->buffers.inputBuffer.idx,
23639+
&processedSize);
2364023640
ssl->buffers.inputBuffer.idx += processedSize;
2364123641
if (ret != 0)
2364223642
return ret;

src/tls13.c

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13518,7 +13518,9 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
1351813518
totalSz);
1351913519
}
1352013520

13521-
inputLength = ssl->buffers.inputBuffer.length - *inOutIdx - ssl->keys.padSz;
13521+
/* curSize has already been reduced to content-only (padSz subtracted)
13522+
* in ProcessReply, so curStartIdx + curSize bounds the content. */
13523+
inputLength = ssl->curStartIdx + ssl->curSize - *inOutIdx;
1352213524

1352313525
/* If there is a pending fragmented handshake message,
1352413526
* pending message size will be non-zero. */

0 commit comments

Comments
 (0)