tls: Check all bytes of the padding if they equal the padding length

author: Martin Willi <martin@revosec.ch> 2014-10-15 14:17:30 +0200
committer: Martin Willi <martin@revosec.ch> 2014-10-15 14:21:01 +0200
commit: c0bf721357050a65141146d494f7a09e3ed3962e (patch)
tree: f30463fab26127ba0f4d3ac88417d6f5965c3e25 /src/libtls/tls_aead_expl.c
parent: fdeda63df044e7e26b0b20c73dbef5e528ea6e1c (diff)
download: strongswan-c0bf721357050a65141146d494f7a09e3ed3962e.tar.bz2
strongswan-c0bf721357050a65141146d494f7a09e3ed3962e.tar.xz
1 files changed, 8 insertions, 0 deletions
diff --git a/src/libtls/tls_aead_expl.c b/src/libtls/tls_aead_expl.c
index 5e4d33e14..37779a1ee 100644
--- a/src/libtls/tls_aead_expl.c
+++ b/src/libtls/tls_aead_expl.c
@@ -106,6 +106,7 @@ METHOD(tls_aead_t, decrypt, bool,
 	chunk_t assoc, mac, iv;
 	u_int8_t bs, padlen;
 	sigheader_t hdr;
+	size_t i;
 
 	iv.len = this->crypter->get_iv_size(this->crypter);
 	if (data->len < iv.len)
@@ -126,6 +127,13 @@ METHOD(tls_aead_t, decrypt, bool,
 	padlen = data->ptr[data->len - 1];
 	if (padlen < data->len)
 	{	/* If padding looks valid, remove it */
+		for (i = data->len - padlen - 1; i < data->len - 1; i++)
+		{
+			if (data->ptr[i] != padlen)
+			{
+				return FALSE;
+			}
+		}
 		data->len -= padlen + 1;
 	}
author	Martin Willi <martin@revosec.ch>	2014-10-15 14:17:30 +0200
committer	Martin Willi <martin@revosec.ch>	2014-10-15 14:21:01 +0200
commit	c0bf721357050a65141146d494f7a09e3ed3962e (patch)
tree	f30463fab26127ba0f4d3ac88417d6f5965c3e25 /src/libtls/tls_aead_expl.c
parent	fdeda63df044e7e26b0b20c73dbef5e528ea6e1c (diff)
download	strongswan-c0bf721357050a65141146d494f7a09e3ed3962e.tar.bz2 strongswan-c0bf721357050a65141146d494f7a09e3ed3962e.tar.xz