Hello,
I found a possible issue regarding the usage of mbedtls_ssl_read in c_read:

static size_t
c_read(void *cv, char *buf, size_t size)
{
  COOKIE  *c;
  int     n;
  size_t  n_read;

  c = (COOKIE *)cv;
  n_read = 0;
  while(n_read < size && (n = mbedtls_ssl_read(c->fd, buf + n_read, size - n_read)) > 0)
      n_read += n;
  return n_read;
}

This basically reads everything until end-of-file or the buffer is full. 
However, the former could be an issue.

The docs of mbedtls_ssl_read state:
Returns
The (positive) number of bytes read if successful.
0 if the read end of the underlying transport was closed
        • in this case you must stop using the context (see below).

The docs of fopencookie specifies:
             The buf and size arguments are, respectively, a buffer
             into which input data can be placed and the size of that
             buffer.  As its function result, the read function should
             return the number of bytes copied into buf, 0 on end of
             file, or -1 on error.  The read function should update the
             stream offset appropriately.

Since the function passes > 0 even though it received EOF, this would be 
incorrect, and may result in the following:
If there is less data than size, and then an EOF, c_read returns > 0, and 
will (probably, I do not know the whole code) be called again, which will again 
use mbedtls_ssl_read, which is forbidden.

Cheers,
Mischa
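
The sequence described in the message above (short read, then close, then a second call to the callback), as an added example that is not part of the original message and is not Pound's code. FAKE_SSL, fake_ssl_read, c_read_sticky and the done field are hypothetical; fake_ssl_read stands in for mbedtls_ssl_read so the block builds without Mbed TLS, and the records are constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical stand-in for the TLS context: constructed records, then close. */
typedef struct { const char *rec[2]; int next, closed, reads_after_close; } FAKE_SSL;

/* Same return contract as quoted above: >0 bytes read, 0 once the peer closed. */
static int fake_ssl_read(FAKE_SSL *s, char *buf, size_t len)
{
    if (s->closed) { s->reads_after_close++; return 0; }  /* the forbidden call */
    if (s->next == 2) { s->closed = 1; return 0; }
    size_t n = strlen(s->rec[s->next]);
    if (n > len) n = len;            /* constructed records always fit */
    memcpy(buf, s->rec[s->next++], n);
    return (int)n;
}

typedef struct { FAKE_SSL *fd; int done; } COOKIE;  /* done: 0 open, 1 EOF, 2 error */

/* Read callback that remembers the close or error in the cookie. */
static ssize_t c_read_sticky(void *cv, char *buf, size_t size)
{
    COOKIE *c = cv;
    size_t n_read = 0;
    int n = 1;

    if (c->done) return c->done == 1 ? 0 : -1;  /* never touch the context again */
    while (n_read < size && (n = fake_ssl_read(c->fd, buf + n_read, size - n_read)) > 0)
        n_read += (size_t)n;
    if (n == 0) c->done = 1;
    else if (n < 0) c->done = 2;
    if (n < 0 && n_read == 0) return -1;
    return (ssize_t)n_read;          /* short count now, 0 or -1 on the next call */
}

int main(void)
{
    FAKE_SSL s = { { "GET / ", "HTTP/1.0" }, 0, 0, 0 };
    COOKIE c = { &s, 0 };
    char buf[64];
    ssize_t first = c_read_sticky(&c, buf, sizeof buf);   /* short count */
    ssize_t second = c_read_sticky(&c, buf, sizeof buf);  /* EOF served from the cookie */
    printf("%ld %ld reads_after_close=%d\n", (long)first, (long)second, s.reads_after_close);
    return 0;
}
```

The second call is answered from the cookie state, so the closed context is not read again.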