[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Thu Feb 1 10:43:58 UTC 2018
The branch master has been updated
via 848a950b715fa73070a9d1638e7630acfb0dfa4d (commit)
from 4e525a0b4db2b11bee15a485b6ed6622ca8948f1 (commit)
- Log -----------------------------------------------------------------
commit 848a950b715fa73070a9d1638e7630acfb0dfa4d
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jan 31 09:53:51 2018 +0000
Fix some instances of the wrong alert type being sent
In a few places we sent an internal_error alert instead of a decode_error.
Fixes #5213
Fixes #5214
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5219)
-----------------------------------------------------------------------
Summary of changes:
ssl/statem/extensions_clnt.c | 9 +++++++--
ssl/statem/statem_clnt.c | 4 ++--
2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index dbb8812..5441e98 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1273,7 +1273,7 @@ int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, unsigned int context,
int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx)
{
- unsigned int ecpointformats_len;
+ size_t ecpointformats_len;
PACKET ecptformatlist;
if (!PACKET_as_length_prefixed_1(pkt, &ecptformatlist)) {
@@ -1283,8 +1283,13 @@ int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
}
if (!s->hit) {
ecpointformats_len = PACKET_remaining(&ecptformatlist);
- s->session->ext.ecpointformats_len = 0;
+ if (ecpointformats_len == 0) {
+ SSLfatal(s, SSL_AD_DECODE_ERROR,
+ SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS, SSL_R_BAD_LENGTH);
+ return 0;
+ }
+ s->session->ext.ecpointformats_len = 0;
OPENSSL_free(s->session->ext.ecpointformats);
s->session->ext.ecpointformats = OPENSSL_malloc(ecpointformats_len);
if (s->session->ext.ecpointformats == NULL) {
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 8a33386..e79bd7b 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2452,7 +2452,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)
PACKET sigalgs;
if (!PACKET_get_length_prefixed_2(pkt, &sigalgs)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSLfatal(s, SSL_AD_DECODE_ERROR,
SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST,
SSL_R_LENGTH_MISMATCH);
return MSG_PROCESS_ERROR;
@@ -2484,7 +2484,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)
}
if (PACKET_remaining(pkt) != 0) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSLfatal(s, SSL_AD_DECODE_ERROR,
SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST,
SSL_R_LENGTH_MISMATCH);
return MSG_PROCESS_ERROR;
More information about the openssl-commits
mailing list