siriz / as3crypto

Automatically exported from code.google.com/p/as3crypto

TLSEngine overflow patch has critical errors #71

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Send data that is larger than 16384 bytes

What is the expected output? What do you see instead?
The data should be packetized and sent without the receiving end sending any alerts. However, the receiving end (openssl in my case) sends an Alert 22 (record overflow).

What version of the product are you using? On what operating system?
trunk, Mac, Windows, Linux

Please provide any additional information below.
The issue is that the original fix for the overflow doesn't clear the "rec" ByteArray after it writes to it. Additionally, that same array is used by sendRecord() to hold the payload. Subsequent uses of rec will contain old data. Please apply the patch (file attached) to fix the issue.

Original issue reported on code.google.com by joel.con...@gmail.com on 12 Jan 2012 at 8:53
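
The failure mode described in this report, as an added Python model (not as3crypto code and not the attached patch): a payload over 16384 bytes is split into TLS records through one reused buffer, once without clearing it and once with clearing. It assumes the stale bytes stay in front of each new chunk; the function names, the TLS 1.0 version bytes and the sample data are constructed for the illustration.

```python
import struct

MAX_FRAGMENT = 2 ** 14          # 16384: largest TLSPlaintext fragment
APPLICATION_DATA = 23           # TLS record content type
VERSION = (3, 1)                # TLS 1.0, chosen for this example

def build_record(payload):
    # 5-byte record header: type, version major/minor, 16-bit length
    header = struct.pack("!BBBH", APPLICATION_DATA, *VERSION, len(payload))
    return header + bytes(payload)

def send_stale(data):
    """Failure mode from the report: the shared buffer is never cleared."""
    rec = bytearray()           # stands in for the reused "rec" ByteArray
    out = []
    for off in range(0, len(data), MAX_FRAGMENT):
        rec += data[off:off + MAX_FRAGMENT]   # lands after the old bytes
        out.append(build_record(rec))
    return b"".join(out)

def send_cleared(data):
    """Same loop, but the buffer is emptied after each record is written."""
    rec = bytearray()
    out = []
    for off in range(0, len(data), MAX_FRAGMENT):
        rec += data[off:off + MAX_FRAGMENT]
        out.append(build_record(rec))
        rec.clear()
    return b"".join(out)

def fragment_lengths(stream):
    """Receiver-side view: walk the headers and return each declared length."""
    lengths, pos = [], 0
    while pos < len(stream):
        _type, _maj, _min, length = struct.unpack_from("!BBBH", stream, pos)
        lengths.append(length)
        pos += 5 + length
    return lengths

def overflowing(stream):
    # Records over the fragment limit, which a peer answers with alert 22
    return [n for n in fragment_lengths(stream) if n > MAX_FRAGMENT]

if __name__ == "__main__":
    data = bytes(20000)         # constructed sample: 20000 zero bytes
    print(fragment_lengths(send_stale(data)), overflowing(send_stale(data)))
    print(fragment_lengths(send_cleared(data)), overflowing(send_cleared(data)))
```

Sample inputs stay under 64 KiB so the oversized length still fits the 16-bit header field; the check is applied to plaintext lengths, whereas a real peer applies its limit to the protected record.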
