File mbedtls-CVE-2021-35409.patch of Package SLE153-mbedtls

diff -Nurp mbedtls-2.16.9-orig/library/ssl_tls.c mbedtls-2.16.9/library/ssl_tls.c
--- mbedtls-2.16.9-orig/library/ssl_tls.c	2020-12-10 13:54:15.000000000 +0100
+++ mbedtls-2.16.9/library/ssl_tls.c	2022-12-21 13:59:19.701121753 +0100
@@ -3997,11 +3997,11 @@ static int ssl_check_dtls_clihlo_cookie(
     }
 
     sid_len = in[59];
-    if( sid_len > in_len - 61 )
+    if( 59 + 1 + sid_len + 1 > in_len )
         return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
 
     cookie_len = in[60 + sid_len];
-    if( cookie_len > in_len - 60 )
+    if( 59 + 1 + sid_len + 1 + cookie_len > in_len )
         return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
 
     if( f_cookie_check( p_cookie, in + sid_len + 61, cookie_len,

Places

File mbedtls-CVE-2021-35409.patch of Package SLE153-mbedtls

Places