tls.Client: fix out of bounds panic - zig - General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software. https://ziglang.org

diff options

author	Igor Anić <igor.anic@gmail.com>	2024-07-11 17:01:39 +0200
committer	Andrew Kelley <andrew@ziglang.org>	2024-07-12 03:07:15 -0400
commit	ca752c61c08eaa06458bdc6fa3cc724c09a62f77 (patch)
tree	c24949196cded72c8aba71800fb95b0702e96560 /src/main.zig
parent	80d7e260d78400b841f15e3350473650b87931a5 (diff)
download	zig-ca752c61c08eaa06458bdc6fa3cc724c09a62f77.tar.gz zig-ca752c61c08eaa06458bdc6fa3cc724c09a62f77.zip

tls.Client: fix out of bounds panic

When calculating how much ciphertext from the stream can fit into user and internal buffers we should also take into account ciphertext data which are already in internal buffer. Fixes: 15226 Tested with [this](https://github.com/ziglang/zig/issues/15226#issuecomment-2218809140). Using client with different read buffers until I, hopefully, understood what is happening. Not relevant to this fix, but this [part](https://github.com/ziglang/zig/blob/95d9292a7a09ed883e65510ec054619747315c48/lib/std/crypto/tls/Client.zig#L988-L991) is still mystery to me. Why we don't use free_size in buf_cap calculation. Seems like rudiment from previous implementation without iovec.

Diffstat (limited to 'src/main.zig')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: