Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_lib.c | 18 | ||||
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 18 | 
2 files changed, 30 insertions, 6 deletions
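diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c
index 2a53b09ed2..3412e70d30 100644
--- a/src/lib/libssl/src/ssl/t1_lib.c
+++ b/src/lib/libssl/src/ssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.68 2014/12/02 20:46:19 miod Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.69 2014/12/06 13:21:14 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1334,7 +1334,13 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
 else if (type == TLSEXT_TYPE_ec_point_formats &&
 s->version != DTLS1_VERSION) {
 unsigned char *sdata = data;
-int ecpointformatlist_length = *(sdata++);
+int ecpointformatlist_length;
+
+if (size < 1) {
+*al = SSL_AD_DECODE_ERROR;
+return 0;
+}
+ecpointformatlist_length = *(sdata++);
 
 if (ecpointformatlist_length != size - 1) {
 *al = TLS1_AD_DECODE_ERROR;
@@ -1354,7 +1360,13 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
 } else if (type == TLSEXT_TYPE_elliptic_curves &&
 s->version != DTLS1_VERSION) {
 unsigned char *sdata = data;
-int ellipticcurvelist_length = (*(sdata++) << 8);
+int ellipticcurvelist_length;
+
+if (size < 2) {
+*al = SSL_AD_DECODE_ERROR;
+return 0;
+}
+ellipticcurvelist_length = (*(sdata++) << 8);
 ellipticcurvelist_length += (*(sdata++));
 
 if (ellipticcurvelist_length != size - 2 ||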
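Review bot: The two added guards set `*al = SSL_AD_DECODE_ERROR` (new lines 1340 and 1366) while the length-mismatch check directly below the first one, at new line 1346, sets `TLS1_AD_DECODE_ERROR`; if the two names are aliases for the same alert, as they appear to be, one spelling should be used throughout the branch, e.g. `*al = TLS1_AD_DECODE_ERROR;`. Because the point of the change is that the length prefix is dereferenced only after `size` is known to cover it, a one-line comment above each guard such as `/* The length prefix must lie inside the extension before it is read. */` would stop a later cleanup from folding the read back into the declaration. ssl_parse_clienthello_tlsext starts and ends outside these hunks, so any other extension branch that reads a length byte from `data` before testing `size` cannot be confirmed from here and is worth auditing in the same pass. The section for src/lib/libssl/t1_lib.c is an identical copy and the same points apply there.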
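diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 2a53b09ed2..3412e70d30 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.68 2014/12/02 20:46:19 miod Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.69 2014/12/06 13:21:14 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1334,7 +1334,13 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
 else if (type == TLSEXT_TYPE_ec_point_formats &&
 s->version != DTLS1_VERSION) {
 unsigned char *sdata = data;
-int ecpointformatlist_length = *(sdata++);
+int ecpointformatlist_length;
+
+if (size < 1) {
+*al = SSL_AD_DECODE_ERROR;
+return 0;
+}
+ecpointformatlist_length = *(sdata++);
 
 if (ecpointformatlist_length != size - 1) {
 *al = TLS1_AD_DECODE_ERROR;
@@ -1354,7 +1360,13 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
 } else if (type == TLSEXT_TYPE_elliptic_curves &&
 s->version != DTLS1_VERSION) {
 unsigned char *sdata = data;
-int ellipticcurvelist_length = (*(sdata++) << 8);
+int ellipticcurvelist_length;
+
+if (size < 2) {
+*al = SSL_AD_DECODE_ERROR;
+return 0;
+}
+ellipticcurvelist_length = (*(sdata++) << 8);
 ellipticcurvelist_length += (*(sdata++));
 
 if (ellipticcurvelist_length != size - 2 ||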
