crypto/tls: fix first byte test for 255 CBC padding bytes

The BadCBCPadding255 test from bogo failed because at most 255 trailing bytes were checked, but for a padding of 255 there are 255 padding bytes plus 1 length byte with value 255. Change-Id: I7dd237c013d2c7c8599067246e31b7ba93106cf7 Reviewed-on: https://go-review.googlesource.com/68070 Reviewed-by: Adam Langley <agl@golang.org> Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
2025-04-03 20:17:36 +03:00 · 2017-10-04 13:44:34 +01:00 · 2017-10-04 13:44:34 +01:00 · e3522a12ad
commit e3522a12ad
parent 53c5404836
2 changed files with 16 additions and 3 deletions
--- a/conn_test.go
+++ b/conn_test.go
@ -21,6 +21,12 @@ func TestRoundUp(t *testing.T) {
 	}
 }

+// will be initialized with {0, 255, 255, ..., 255}
+var padding255Bad = [256]byte{}
+
+// will be initialized with {255, 255, 255, ..., 255}
+var padding255Good = [256]byte{255}
+
 var paddingTests = []struct {
 	in          []byte
 	good        bool
@ -36,9 +42,15 @@ var paddingTests = []struct {
 	{[]byte{1, 4, 4, 4, 4, 4}, true, 1},
 	{[]byte{5, 5, 5, 5, 5, 5}, true, 0},
 	{[]byte{6, 6, 6, 6, 6, 6}, false, 0},
+	{padding255Bad[:], false, 0},
+	{padding255Good[:], true, 0},
 }

 func TestRemovePadding(t *testing.T) {
+	for i := 1; i < len(padding255Bad); i++ {
+		padding255Bad[i] = 255
+		padding255Good[i] = 255
+	}
 	for i, test := range paddingTests {
 		paddingLen, good := extractPadding(test.in)
 		expectedGood := byte(255)