subtract buffer size from computed rekey limit to avoid exceeding it

aadamowski · Jan 5, 2016 · 60245fa · 60245fa
1 parent 271df81
commit 60245fa
Showing 1 changed file with 14 additions and 3 deletions.
diff --git a/packet.c b/packet.c
@@ -1015,10 +1015,21 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
 	 * The 2^(blocksize*2) limit is too expensive for 3DES,
 	 * blowfish, etc, so enforce a 1GB limit for small blocksizes.
 	 */
-	if (enc->block_size >= 16)
-		*max_blocks = (u_int64_t)1 << (enc->block_size*2);
-	else
+	if (enc->block_size >= 16) {
+		*max_blocks = ((u_int64_t)1 << (enc->block_size*2))
+			/*
+			 * Subtract the maximum number of blocks that can
+			 * possibly come from the buffer to avoid
+			 * running over the limit.
+			 *
+			 * Effectively, this currently subtracts 128MB from
+			 * rekey limits which are 64GB and more.
+			 */
+			- ((sshbuf_max_size(state->input) + enc->block_size - 1)
+				/ enc->block_size);
+	} else {
 		*max_blocks = ((u_int64_t)1 << 30) / enc->block_size;
+	}
 	if (state->rekey_limit)
 		*max_blocks = MIN(*max_blocks,
 		    state->rekey_limit / enc->block_size);