diff -up openssl-1.0.1e/ssl/ssl_sess.c.pointer-arithmetic openssl-1.0.1e/ssl/ssl_sess.c
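diff -up openssl-1.0.1e/ssl/s3_srvr.c.pointer-arithmetic openssl-1.0.1e/ssl/s3_srvr.c
--- openssl-1.0.1e/ssl/s3_srvr.c.pointer-aritmetic 2016-09-20 15:00:06.348015761 +0200
+++ openssl-1.0.1e/ssl/s3_srvr.c 2016-09-20 15:14:11.630423575 +0200
@@ -973,6 +973,13 @@ int ssl3_get_client_hello(SSL *s)
 unsigned int session_length, cookie_length;
 
 session_length = *(p + SSL3_RANDOM_SIZE);
+
+ if (SSL3_RANDOM_SIZE + session_length + 1 >= (d + n) - p)
+ {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
 cookie_length = *(p + SSL3_RANDOM_SIZE + session_length + 1);
 
 if (cookie_length == 0)
@@ -986,6 +993,13 @@ int ssl3_get_client_hello(SSL *s)
 /* get the session-id */
 j= *(p++);
 
+ if ((d + n) - p < j)
+ {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+
 s->hit=0;
 /* Versions before 0.9.7 always allow clients to resume sessions in renegotiation.
 * 0.9.7 and later allow this by default, but optionally ignore resumption requests
@@ -1024,8 +1038,21 @@ int ssl3_get_client_hello(SSL *s)
 if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
 {
 /* cookie stuff */
+ if ((d + n) - p < 1)
+ {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
 cookie_len = *(p++);
 
+ if ((d + n ) - p < cookie_len)
+ {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+
 /*
 * The ClientHello may contain a cookie even if the
 * HelloVerify message has not been sent--make sure that it
@@ -1072,6 +1099,12 @@ int ssl3_get_client_hello(SSL *s)
 p += cookie_len;
 }
 
+ if ((d + n ) - p < 2)
+ {
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
 n2s(p,i);
 if ((i == 0) && (j != 0))
 {
@@ -1080,7 +1113,9 @@ int ssl3_get_client_hello(SSL *s)
 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
 goto f_err;
 }
- if ((p+i) >= (d+n))
+
+ /* i bytes of cipher data + 1 byte for compression length later */
+ if ((d + n) - p < i + 1)
 {
 /* not enough data */
 al=SSL_AD_DECODE_ERROR;
@@ -1147,7 +1182,7 @@ int ssl3_get_client_hello(SSL *s)
 
 /* compression */
 i= *(p++);
- if ((p+i) > (d+n))
+ if ((d + n) - p < i)
 {
 /* not enough data */
 al=SSL_AD_DECODE_ERROR;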
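diff -up openssl-1.0.1e/ssl/t1_lib.c.pointer-arithmetic openssl-1.0.1e/ssl/t1_lib.c
--- openssl-1.0.1e/ssl/t1_lib.c.pointer-aritmetic 2016-09-20 15:00:06.351015830 +0200
+++ openssl-1.0.1e/ssl/t1_lib.c 2016-09-20 15:37:34.660870014 +0200
@@ -923,19 +923,19 @@ int ssl_parse_clienthello_tlsext(SSL *s,
 SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
 #endif
 
- if (data >= (d+n-2))
+ if ((d + n) - data < 2)
 goto ri_check;
 n2s(data,len);
 
- if (data > (d+n-len))
+ if ((d + n) - data < len)
 goto ri_check;
 
- while (data <= (d+n-4))
+ while ((d + n) - data >= 4)
 {
 n2s(data,type);
 n2s(data,size);
 
- if (data+size > (d+n))
+ if ((d + n) - data < size)
 goto ri_check;
 #if 0
 fprintf(stderr,"Received extension type %d size %d\n",type,size);
@@ -1437,22 +1437,22 @@ int ssl_parse_serverhello_tlsext(SSL *s,
 SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
 #endif
 
- if (data >= (d+n-2))
+ if ((d + n) - data <= 2)
 goto ri_check;
 
 n2s(data,length);
- if (data+length != d+n)
+ if ((d + n) - data != length)
 {
 *al = SSL_AD_DECODE_ERROR;
 return 0;
 }
 
- while(data <= (d+n-4))
+ while ((d + n) - data >= 4)
 {
 n2s(data,type);
 n2s(data,size);
 
- if (data+size > (d+n))
+ if ((d + n) - data < size)
 goto ri_check;
 
 if (s->tlsext_debug_cb)
@@ -2139,30 +2139,30 @@ int tls1_process_ticket(SSL *s, unsigned
 if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER)
 {
 i = *(p++);
- p+= i;
- if (p >= limit)
+ if (limit - p <= i)
 return -1;
+ p += i;
 }
 /* Skip past cipher list */
 n2s(p, i);
- p+= i;
- if (p >= limit)
+ if (limit - p <= i)
 return -1;
+ p += i;
 /* Skip past compression algorithm list */
 i = *(p++);
- p += i;
- if (p > limit)
+ if (limit - p < i)
 return -1;
+ p += i;
 /* Now at start of extensions */
- if ((p + 2) >= limit)
+ if (limit - p <= 2)
 return 0;
 n2s(p, i);
- while ((p + 4) <= limit)
+ while (limit - p >= 4)
 {
 unsigned short type, size;
 n2s(p, type);
 n2s(p, size);
- if (p + size > limit)
+ if (limit - p < size)
 return 0;
 if (type == TLSEXT_TYPE_session_ticket)
 {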
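Review bot: The two rewrites of `if (data >= (d+n-2))` do not agree: the ssl_parse_clienthello_tlsext hunk (@@ -923) turns it into `if ((d + n) - data < 2)`, which now lets exactly two remaining bytes through to `n2s(data,len)`, while the ssl_parse_serverhello_tlsext hunk (@@ -1437) preserves the original meaning with `<= 2`. As far as these hunks show the client-side difference is benign, since a two-byte tail gives a len that is either 0 (the while loop does not run) or fails the `(d + n) - data < len` check, and both paths end at ri_check, but a reader comparing the two functions will assume one of them is a typo. Either use `<= 2` in both places or mark the intent at the clienthello check with a comment such as `/* exactly 2 bytes left = empty extension block, fall through */`. Both enclosing functions begin and end outside the hunks.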
|