diff options
author | Matt Caswell <matt@openssl.org> | 2017-05-11 10:16:08 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-05-11 13:13:04 +0100 |
commit | 3c544acc385ac39b77873c9cfa77c4ae5df956b5 (patch) | |
tree | e4076786289cb0136f6ac6847d937c4c515efbc9 /ssl | |
parent | 2d871227faf7f4e287caa04be43957f8e2df43a4 (diff) | |
download | openssl-3c544acc385ac39b77873c9cfa77c4ae5df956b5.tar.gz |
Check that a TLSv1.3 encrypted message has an app data content type
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3436)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/record/ssl3_record.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 806ef43469..4b36f49b6d 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -618,7 +618,8 @@ int ssl3_get_record(SSL *s) if (SSL_IS_TLS13(s) && s->enc_read_ctx != NULL) { size_t end; - if (thisrr->length == 0) { + if (thisrr->length == 0 + || thisrr->type != SSL3_RT_APPLICATION_DATA) { al = SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BAD_RECORD_TYPE); goto f_err; |