diff options
author | Bodo Möller <bodo@openssl.org> | 2002-04-13 22:47:20 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2002-04-13 22:47:20 +0000 |
commit | 82b0bf0b8792bdc113cadc04a1f9d40f0e0cfbfc (patch) | |
tree | 708f5e5cb06a863a90c9742071bae98310b5b980 /ssl/s3_srvr.c | |
parent | 3a7cef3e76aae1ef0d03f50b9e7ebcdf41b30c90 (diff) | |
download | openssl-82b0bf0b8792bdc113cadc04a1f9d40f0e0cfbfc.tar.gz |
Implement known-IV countermeasure.
Fix length checks in ssl3_get_client_hello().
Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
Diffstat (limited to 'ssl/s3_srvr.c')
-rw-r--r-- | ssl/s3_srvr.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index d6247a64ea..99b6a86983 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -727,7 +727,7 @@ static int ssl3_get_client_hello(SSL *s) SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED); goto f_err; } - if ((i+p) > (d+n)) + if ((p+i) >= (d+n)) { /* not enough data */ al=SSL_AD_DECODE_ERROR; @@ -784,6 +784,13 @@ static int ssl3_get_client_hello(SSL *s) /* compression */ i= *(p++); + if ((p+i) > (d+n)) + { + /* not enough data */ + al=SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH); + goto f_err; + } q=p; for (j=0; j<i; j++) { @@ -831,7 +838,7 @@ static int ssl3_get_client_hello(SSL *s) /* TLS does not mind if there is extra stuff */ if (s->version == SSL3_VERSION) { - if (p > (d+n)) + if (p < (d+n)) { /* wrong number of bytes, * there could be more to follow */ |