File 0003-cbc_mac_verify-require-minimum-padding-und... of Package gnutls.8596

Overview Repositories Revisions Requests Users Attributes Meta

File 0003-cbc_mac_verify-require-minimum-padding-under-SSL3.0.patch of Package gnutls.8596

From cc91db2fb8efeb1e5e3c56a5ff86ea8cb3ef8915 Mon Sep 17 00:00:00 2001
From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date: Wed, 20 Jun 2018 11:07:47 +0200
Subject: [PATCH 3/4] cbc_mac_verify: require minimum padding under SSL3.0

---
 lib/gnutls_cipher.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

Index: gnutls-3.2.15/lib/gnutls_cipher.c
===================================================================
--- gnutls-3.2.15.orig/lib/gnutls_cipher.c	2018-08-27 13:55:05.515462428 +0200
+++ gnutls-3.2.15/lib/gnutls_cipher.c	2018-08-27 13:55:11.135499404 +0200
@@ -882,7 +882,11 @@ ciphertext_to_compressed(gnutls_session_
 		 * Note that we access all 256 bytes of ciphertext for padding check
 		 * because there is a timing channel in that memory access (in certain CPUs).
 		 */
-		if (ver->id != GNUTLS_SSL3)
+		if (ver->id == GNUTLS_SSL3) {
+			if (pad >= blocksize)
+				pad_failed = 1;
+		} else
+		{
 			for (i = 2; i <= MIN(256, ciphertext->size); i++) {
 				tmp_pad_failed |=
 				    (compressed->
@@ -890,6 +894,7 @@ ciphertext_to_compressed(gnutls_session_
 				pad_failed |=
 				    ((i <= (1 + pad)) & (tmp_pad_failed));
 			}
+		}
 
 		if (unlikely
 		    (pad_failed != 0

Places

File 0003-cbc_mac_verify-require-minimum-padding-under-SSL3.0.patch of Package gnutls.8596

Places