diff options
| author | Matt Caswell <matt@openssl.org> | 2016-11-04 00:07:50 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-11-16 10:09:46 +0000 |
| commit | 2ee1271d8ff95d6a5036b37f7f03e1ae14436eeb (patch) | |
| tree | 67c9bc16750d4a269bfff94bd254a0b9bc87af7e | |
| parent | ef7daaf915d7e0b7b48027f9ac4d47493adef0bb (diff) | |
| download | openssl-2ee1271d8ff95d6a5036b37f7f03e1ae14436eeb.tar.gz | |
Ensure the whole key_share extension is well formatted
Reviewed-by: Rich Salz <rsalz@openssl.org>
| -rw-r--r-- | ssl/t1_lib.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 044c403ebf..2dbaa9ffb4 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -2318,7 +2318,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, CLIENTHELLO_MSG *hello, int *al) PACKET key_share_list, encoded_pt; const unsigned char *curves; size_t num_curves; - int group_nid; + int group_nid, found = 0; unsigned int curve_flags; /* Sanity check */ @@ -2338,13 +2338,21 @@ static int ssl_scan_clienthello_tlsext(SSL *s, CLIENTHELLO_MSG *hello, int *al) while (PACKET_remaining(&key_share_list) > 0) { if (!PACKET_get_net_2(&key_share_list, &group_id) || !PACKET_get_length_prefixed_2(&key_share_list, - &encoded_pt)) { + &encoded_pt) + || PACKET_remaining(&encoded_pt) == 0) { *al = SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT, SSL_R_LENGTH_MISMATCH); return 0; } + /* + * If we already found a suitable key_share we loop through the + * rest to verify the structure, but don't process them. + */ + if (found) + continue; + /* Check this share is in supported_groups */ if (!tls1_get_curvelist(s, 1, &curves, &num_curves)) { *al = SSL_AD_INTERNAL_ERROR; @@ -2416,6 +2424,8 @@ static int ssl_scan_clienthello_tlsext(SSL *s, CLIENTHELLO_MSG *hello, int *al) SSLerr(SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT, SSL_R_BAD_ECPOINT); return 0; } + + found = 1; } } /* |