Add size_t to int checks for SSL functions.

libtls accepts size_t for lengths but libssl accepts int. This verifies that the input does not exceed INT_MAX. It also avoids truncating size_t when comparing with int and adds printf-style attributes for tls_set_error(). with input from deraadt@ and tedu@ ok tedu@
author: doug <> 2014-12-17 17:51:33 +0000
committer: doug <> 2014-12-17 17:51:33 +0000
commit: 8ee1a1e4a4c52092060a915a644f80202aba054a (patch)
tree: 6b23fc9e20f81f6dc09a6fb3d8bac2a4246a7ab9 /src/lib/libtls/tls.c
parent: 1711181cf04802398af99b3d8ffff8829eb38455 (diff)
download: openbsd-8ee1a1e4a4c52092060a915a644f80202aba054a.tar.gz
openbsd-8ee1a1e4a4c52092060a915a644f80202aba054a.tar.bz2
openbsd-8ee1a1e4a4c52092060a915a644f80202aba054a.zip
1 files changed, 22 insertions, 1 deletions
diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c
index 6dae066922..0b9f12511d 100644
--- a/src/lib/libtls/tls.c
+++ b/src/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.3 2014/12/07 15:48:02 bcook Exp $ */
+/* $OpenBSD: tls.c,v 1.4 2014/12/17 17:51:33 doug Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -18,6 +18,7 @@
 #include <sys/socket.h>
 #include <errno.h>
+#include <limits.h>
 #include <stdlib.h>
 #include <unistd.h>
@@ -110,6 +111,11 @@ tls_configure_keypair(struct tls *ctx)
        BIO *bio = NULL;
        if (ctx->config->cert_mem != NULL) {
+                if (ctx->config->cert_len > INT_MAX) {
+                        tls_set_error(ctx, "certificate too long");
+                        goto err;
+                }
                if (SSL_CTX_use_certificate_chain(ctx->ssl_ctx,
                    ctx->config->cert_mem, ctx->config->cert_len) != 1) {
                        tls_set_error(ctx, "failed to load certificate");
@@ -118,6 +124,11 @@ tls_configure_keypair(struct tls *ctx)
                cert = NULL;
        }
        if (ctx->config->key_mem != NULL) {
+                if (ctx->config->key_len > INT_MAX) {
+                        tls_set_error(ctx, "key too long");
+                        goto err;
+                }
                if ((bio = BIO_new_mem_buf(ctx->config->key_mem,
                    ctx->config->key_len)) == NULL) {
                        tls_set_error(ctx, "failed to create buffer");
@@ -229,6 +240,11 @@ tls_read(struct tls *ctx, void *buf, size_t buflen, size_t *outlen)
 {
        int ret, ssl_err;
+        if (buflen > INT_MAX) {
+                tls_set_error(ctx, "buflen too long");
+                return (-1);
+        }
        ret = SSL_read(ctx->ssl_conn, buf, buflen);
        if (ret > 0) {
                *outlen = (size_t)ret;
@@ -252,6 +268,11 @@ tls_write(struct tls *ctx, const void *buf, size_t buflen, size_t *outlen)
 {
        int ret, ssl_err;
+        if (buflen > INT_MAX) {
+                tls_set_error(ctx, "buflen too long");
+                return (-1);
+        }
        ret = SSL_write(ctx->ssl_conn, buf, buflen);
        if (ret > 0) {
                *outlen = (size_t)ret;
author	doug <>	2014-12-17 17:51:33 +0000
committer	doug <>	2014-12-17 17:51:33 +0000
commit	8ee1a1e4a4c52092060a915a644f80202aba054a (patch)
tree	6b23fc9e20f81f6dc09a6fb3d8bac2a4246a7ab9 /src/lib/libtls/tls.c
parent	1711181cf04802398af99b3d8ffff8829eb38455 (diff)
download	openbsd-8ee1a1e4a4c52092060a915a644f80202aba054a.tar.gz openbsd-8ee1a1e4a4c52092060a915a644f80202aba054a.tar.bz2 openbsd-8ee1a1e4a4c52092060a915a644f80202aba054a.zip