Merge pull request #1021 from aria2/fix-win-tls-read

wintls: Potential fix for undecrypted read
2026-04-02 18:59:20 +00:00 · 2017-10-07 22:27:46 +09:00
parent 64fe98a1ea 8b32b26828
commit db639dcc98
1 changed files with 7 additions and 11 deletions
--- a/src/WinTLSSession.cc
+++ b/src/WinTLSSession.cc
@@ -514,18 +514,14 @@ ssize_t WinTLSSession::readData(void* data, size_t len)
      return TLS_ERR_ERROR;
    }

-    // Decrypted message successfully.
-    bool ate = false;
-    for (auto& buf : bufs) {
-      if (buf.BufferType == SECBUFFER_DATA && buf.cbBuffer > 0) {
-        decBuf_.write(buf.pvBuffer, buf.cbBuffer);
-      }
-      else if (buf.BufferType == SECBUFFER_EXTRA && buf.cbBuffer > 0) {
-        readBuf_.eat(readBuf_.size() - buf.cbBuffer);
-        ate = true;
-      }
+    // Decrypted message successfully.  Inspired from curl schannel.c.
+    if (bufs[1].BufferType == SECBUFFER_DATA && bufs[1].cbBuffer > 0) {
+      decBuf_.write(bufs[1].pvBuffer, bufs[1].cbBuffer);
    }
-    if (!ate) {
+    if (bufs[3].BufferType == SECBUFFER_EXTRA && bufs[3].cbBuffer > 0) {
+      readBuf_.eat(readBuf_.size() - bufs[3].cbBuffer);
+    }
+    else {
      readBuf_.clear();
    }