1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Schannel: chop off garbage bytes if encryption fails

Browse Source 
Because they would break communication (or loop infinitely) otherwise
since we use the presence of bytes in the returned buffer to know if
there is still something we need to transmit.

Amends 4e60a6b556d91ab797aebb7422666a685a726755

Pick-to: 6.9
Change-Id: If72c1a142d4567f69d78177250b0218c5ca999fd
Reviewed-by: Even Oscar Andersen <even.oscar.andersen@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
This commit is contained in:
Mårten Nordheim 2024-12-16 10:32:05 +01:00
parent 63db1082cb
commit 1efcc0df6a
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/plugins/tls/schannel/qtls_schannel.cpp
View File

@ -1788,7 +1788,7 @@ auto TlsCryptographSchannel::getNextEncryptedMessage() -> MessageBufferResult
&& fullMessage.size() < MessageBufferThreshold) { && fullMessage.size() < MessageBufferThreshold) {
// Try to read 'cbMaximumMessage' bytes from buffer before encrypting. // Try to read 'cbMaximumMessage' bytes from buffer before encrypting.
const int bodySize = int(std::min(writeBufferSize, qint64(streamSizes.cbMaximumMessage))); const int bodySize = int(std::min(writeBufferSize, qint64(streamSizes.cbMaximumMessage)));
auto messageSize = headerSize + bodySize + trailerSize; const qsizetype messageSize = headerSize + bodySize + trailerSize;
QSpan buffer = allocateMessage(messageSize); QSpan buffer = allocateMessage(messageSize);
char *header = buffer.data(); char *header = buffer.data();
char *body = header + headerSize; char *body = header + headerSize;
@ -1815,6 +1815,7 @@ auto TlsCryptographSchannel::getNextEncryptedMessage() -> MessageBufferResult
setErrorAndEmit(d, QAbstractSocket::SslInternalError, setErrorAndEmit(d, QAbstractSocket::SslInternalError,
QSslSocket::tr("Schannel failed to encrypt data: %1") QSslSocket::tr("Schannel failed to encrypt data: %1")
.arg(schannelErrorToString(status))); .arg(schannelErrorToString(status)));
result.messageBuffer.chop(messageSize);
return result; return result;
} }
// Data was encrypted successfully, so we free() what we peek()ed earlier // Data was encrypted successfully, so we free() what we peek()ed earlier