author | Matt Caswell <matt@openssl.org> | 2022-10-26 17:14:21 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2022-11-07 10:59:20 +0000 |
commit | 351ad225b3758f96a5875eb11ac3acda006a1c00 (patch) | |
tree | 4887b615d47839db378d68448df9e5093fbf8eac | |
parent | b05fbac1fc4f9c54a4e7a71728396e8f1b18707e (diff) |
Assert that we do not exceed the DTLS MTU
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19516)
-rw-r--r-- | ssl/statem/statem_dtls.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index 2e71014ef8..4effc58416 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -7,6 +7,7 @@
  * https://www.openssl.org/source/license.html
  */
 
+#include <assert.h>
 #include <limits.h>
 #include <string.h>
 #include <stdio.h>
@@ -255,6 +256,16 @@ int dtls1_do_write(SSL_CONNECTION *s, int type)
 if (!ossl_assert(len == written))
 return -1;
 
+/*
+ * We should not exceed the MTU size. If compression is in use
+ * then the max record overhead calculation is unreliable so we do
+ * not check in that case. We use assert rather than ossl_assert
+ * because in a production build, if this assert were ever to fail,
+ * then the best thing to do is probably carry on regardless.
+ */
+assert(s->s3.tmp.new_compression != NULL
+ || BIO_wpending(s->wbio) <= (int)s->d1->mtu);
+
 if (type == SSL3_RT_HANDSHAKE && !s->d1->retransmitting) {
 /*
 * should not be done for 'Hello Request's, but in that case
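Review bot: The new assert in dtls1_do_write compares `BIO_wpending(s->wbio)`, which returns size_t, against `(int)s->d1->mtu`, so the cast only introduces a mixed-signedness comparison in which the int is converted back to size_t by the usual arithmetic conversions; since mtu is, as far as I recall, declared unsigned in dtls1_state_st, `|| BIO_wpending(s->wbio) <= (size_t)s->d1->mtu);` expresses the same bound without the sign round-trip and without a -Wsign-compare warning. The comment above the assert is good; it would be worth one more sentence noting that under NDEBUG the entire expression, including the BIO_wpending() call, is compiled out, which is fine here only because the call has no side effects. The enclosing loop of dtls1_do_write starts and ends outside this hunk, so whether every path that appends to the write buffer passes this check before the BIO_flush cannot be confirmed from the hunk alone.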