From d01cb5af46caedb8a4a6529c8b80eef9976cef8d Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 27 Apr 2021 15:39:59 +0200 Subject: [PATCH] nts: avoid assumption about cookie record The cookie record is currently assumed to be the longest record that needs to be accepted by the client, but that does not have to be always the case. Define the processing buffer using the maximum body record constant instead and add an assertion to make sure it's not smaller than the maximum accepted cookie length. --- nts_ke_client.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/nts_ke_client.c b/nts_ke_client.c index 89dc6fe..d895bf1 100644 --- a/nts_ke_client.c +++ b/nts_ke_client.c @@ -127,9 +127,10 @@ process_response(NKC_Instance inst) { int next_protocol = -1, aead_algorithm = -1, error = 0; int i, critical, type, length; - uint16_t data[NKE_MAX_COOKIE_LENGTH / sizeof (uint16_t)]; + uint16_t data[NKE_MAX_RECORD_BODY_LENGTH / sizeof (uint16_t)]; - assert(NKE_MAX_COOKIE_LENGTH % sizeof (uint16_t) == 0); + assert(NKE_MAX_COOKIE_LENGTH <= NKE_MAX_RECORD_BODY_LENGTH); + assert(sizeof (data) % sizeof (uint16_t) == 0); assert(sizeof (uint16_t) == 2); inst->num_cookies = 0;