Avoid false positives in bounds check

The size of the buffer already accounts for the extra data before the actual message, so the allowed length is SSL_MAX_CONTENT_LEN starting from _msg
2026-03-10 00:06:28 +00:00 · 2015-09-24 22:19:58 +02:00
parent d0d8cb36a4
commit faee44ded1
2 changed files with 3 additions and 3 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -287,7 +287,7 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl,
 {
    int ret;
    unsigned char *p = buf;
-    const unsigned char *end = ssl->out_buf + MBEDTLS_SSL_MAX_CONTENT_LEN;
+    const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_MAX_CONTENT_LEN;
    size_t kkpp_len;

    *olen = 0;