[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Matt Caswell matt at openssl.org
Tue Jul 3 10:27:39 UTC 2018


The branch OpenSSL_1_0_2-stable has been updated
       via  434af36f9778abe274bb637396f60977fbee98d2 (commit)
      from  2c739f72e5236a8e0c351c00047c77083dcdb77f (commit)


- Log -----------------------------------------------------------------
commit 434af36f9778abe274bb637396f60977fbee98d2
Author: Matt Caswell <matt at openssl.org>
Date:   Mon Jul 2 14:09:03 2018 +0100

    Don't create an invalid CertificateRequest
    
    We should validate that the various fields we put into the
    CertificateRequest are not too long. Otherwise we will construct an
    invalid message.
    
    Fixes #6609
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6629)

-----------------------------------------------------------------------

Summary of changes:
 ssl/s3_srvr.c  | 15 +++++++++++++++
 ssl/ssl.h      |  1 +
 ssl/ssl_locl.h |  2 ++
 3 files changed, 18 insertions(+)

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 753b804..a8d5125 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2091,6 +2091,11 @@ int ssl3_send_certificate_request(SSL *s)
         if (SSL_USE_SIGALGS(s)) {
             const unsigned char *psigs;
             nl = tls12_get_psigalgs(s, 1, &psigs);
+            if (nl > SSL_MAX_2_BYTE_LEN) {
+                SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
+                       SSL_R_LENGTH_TOO_LONG);
+                goto err;
+            }
             s2n(nl, p);
             memcpy(p, psigs, nl);
             p += nl;
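Review bot: The `memcpy(p, psigs, nl)` that follows the new guard has no visible capacity check. The guard only proves that `nl` fits the two-byte field written by `s2n(nl, p)`, not that the handshake buffer can hold up to 65535 more bytes. The CA-name loop later in this function calls `BUF_MEM_grow_clean` before each write, so this path should either do the same or carry a comment naming the earlier allocation that guarantees the space. The guard also tests only the upper end; if `nl` is a signed int (its declaration is outside the hunk), the conversion from the `tls12_get_psigalgs` return value deserves a short note. ssl3_send_certificate_request starts and ends outside the hunk.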
@@ -2107,6 +2112,11 @@ int ssl3_send_certificate_request(SSL *s)
             for (i = 0; i < sk_X509_NAME_num(sk); i++) {
                 name = sk_X509_NAME_value(sk, i);
                 j = i2d_X509_NAME(name, NULL);
+                if (j > SSL_MAX_2_BYTE_LEN) {
+                    SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
+                           SSL_R_LENGTH_TOO_LONG);
+                    goto err;
+                }
                 if (!BUF_MEM_grow_clean
                     (buf, SSL_HM_HEADER_LENGTH(s) + n + j + 2)) {
                     SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
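Review bot: The added guard on `j` tests only the upper bound, so a negative return from `i2d_X509_NAME(name, NULL)`, which is how that call reports an encoding failure, passes it and flows into the size arithmetic `SSL_HM_HEADER_LENGTH(s) + n + j + 2`. Consider `if (j < 0 || j > SSL_MAX_2_BYTE_LEN) {` so an encoding error is rejected at the same place as an oversized name. The declaration of `j` and the rest of the loop body are outside the hunk, so an existing check elsewhere cannot be ruled out.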
@@ -2128,6 +2138,11 @@ int ssl3_send_certificate_request(SSL *s)
                     n += j;
                     nl += j;
                 }
+                if (nl > SSL_MAX_2_BYTE_LEN) {
+                    SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
+                           SSL_R_LENGTH_TOO_LONG);
+                    goto err;
+                }
             }
         }
         /* else no CA names */
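Review bot: The running-total check on `nl` sits after the name has already been copied and `n`/`nl` advanced, so the buffer is grown and written for the entry that crosses the limit before the function bails out. That is presumably harmless because `goto err` abandons the message (the label is outside the hunk). A comment would make the intent explicit, for example `/* nl is the total CA list length, sent in 2 bytes; reject before it truncates */`. The same `SSLerr(..., SSL_R_LENGTH_TOO_LONG); goto err;` block now appears three times in this function, at the sigalgs check, the per-name check and here. One shared error label would keep them from drifting apart.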
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 30a9471..7efb8c7 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2954,6 +2954,7 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_KRB5_S_TKT_NYV                             294
 # define SSL_R_KRB5_S_TKT_SKEW                            295
 # define SSL_R_LENGTH_MISMATCH                            159
+# define SSL_R_LENGTH_TOO_LONG                            404
 # define SSL_R_LENGTH_TOO_SHORT                           160
 # define SSL_R_LIBRARY_BUG                                274
 # define SSL_R_LIBRARY_HAS_NO_CIPHERS                     161
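Review bot: `SSL_R_LENGTH_TOO_LONG` gets a reason code here, but the diffstat lists only three changed files and none of them is the reason-string table loaded by `ERR_load_SSL_strings`. The new error would therefore presumably surface as a bare numeric reason in the error queue rather than readable text, which makes a rejected CertificateRequest harder to diagnose from logs. Add the matching table entry in the same commit, along the lines of `{ERR_REASON(SSL_R_LENGTH_TOO_LONG), "length too long"},`.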
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index aeffc00..11115e3 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -259,6 +259,8 @@
                           c[1]=(unsigned char)(((l)>> 8)&0xff), \
                           c[2]=(unsigned char)(((l)    )&0xff)),c+=3)
 
+# define SSL_MAX_2_BYTE_LEN     (0xffff)
+
 /* LOCAL STUFF */
 
 # define SSL_DECRYPT     0

