diff options
| author | beck <> | 2015-07-15 22:22:54 +0000 |
|---|---|---|
| committer | beck <> | 2015-07-15 22:22:54 +0000 |
| commit | be1d297b6ec02bf43d4fda0f2648c666dc345753 (patch) | |
| tree | 980bb9dd4d722521c0b50b64a7847a71337695ad | |
| parent | e1423b93bd3553efa320e96178feb2e4fbf950d1 (diff) | |
| download | openbsd-be1d297b6ec02bf43d4fda0f2648c666dc345753.tar.gz openbsd-be1d297b6ec02bf43d4fda0f2648c666dc345753.tar.bz2 openbsd-be1d297b6ec02bf43d4fda0f2648c666dc345753.zip | |
check n before cbs_init, coverity - ID 125063
ok bcook@ miod@
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 12 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_clnt.c | 12 |
2 files changed, 18 insertions, 6 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 3f7f3a411d..ee964407ee 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.118 2015/07/15 21:52:02 beck Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.119 2015/07/15 22:22:54 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1736,9 +1736,15 @@ ssl3_get_new_session_ticket(SSL *s) | |||
| 1736 | goto f_err; | 1736 | goto f_err; |
| 1737 | } | 1737 | } |
| 1738 | 1738 | ||
| 1739 | CBS_init(&cbs, s->init_msg, n); | 1739 | if (n < 0) { |
| 1740 | al = SSL_AD_DECODE_ERROR; | ||
| 1741 | SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, | ||
| 1742 | SSL_R_LENGTH_MISMATCH); | ||
| 1743 | goto f_err; | ||
| 1744 | } | ||
| 1740 | 1745 | ||
| 1741 | if (n < 0 || !CBS_get_u32(&cbs, &lifetime_hint) || | 1746 | CBS_init(&cbs, s->init_msg, n); |
| 1747 | if (!CBS_get_u32(&cbs, &lifetime_hint) || | ||
| 1742 | #if UINT32_MAX > LONG_MAX | 1748 | #if UINT32_MAX > LONG_MAX |
| 1743 | lifetime_hint > LONG_MAX || | 1749 | lifetime_hint > LONG_MAX || |
| 1744 | #endif | 1750 | #endif |
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c index 3f7f3a411d..ee964407ee 100644 --- a/src/lib/libssl/src/ssl/s3_clnt.c +++ b/src/lib/libssl/src/ssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.118 2015/07/15 21:52:02 beck Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.119 2015/07/15 22:22:54 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1736,9 +1736,15 @@ ssl3_get_new_session_ticket(SSL *s) | |||
| 1736 | goto f_err; | 1736 | goto f_err; |
| 1737 | } | 1737 | } |
| 1738 | 1738 | ||
| 1739 | CBS_init(&cbs, s->init_msg, n); | 1739 | if (n < 0) { |
| 1740 | al = SSL_AD_DECODE_ERROR; | ||
| 1741 | SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, | ||
| 1742 | SSL_R_LENGTH_MISMATCH); | ||
| 1743 | goto f_err; | ||
| 1744 | } | ||
| 1740 | 1745 | ||
| 1741 | if (n < 0 || !CBS_get_u32(&cbs, &lifetime_hint) || | 1746 | CBS_init(&cbs, s->init_msg, n); |
| 1747 | if (!CBS_get_u32(&cbs, &lifetime_hint) || | ||
| 1742 | #if UINT32_MAX > LONG_MAX | 1748 | #if UINT32_MAX > LONG_MAX |
| 1743 | lifetime_hint > LONG_MAX || | 1749 | lifetime_hint > LONG_MAX || |
| 1744 | #endif | 1750 | #endif |