| -rw-r--r-- | src/lib/libtls/tls_keypair.c | 7 | ||||
| -rw-r--r-- | src/lib/libtls/tls_signer.c | 12 |
2 files changed, 17 insertions, 2 deletions
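--- a/src/lib/libtls/tls_keypair.c
+++ b/src/lib/libtls/tls_keypair.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_keypair.c,v 1.9 2024/03/26 06:24:52 joshua Exp $ */
+/* $OpenBSD: tls_keypair.c,v 1.10 2026/04/16 05:16:48 tb Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -148,6 +148,11 @@ tls_keypair_load_cert(struct tls_keypair *keypair, struct tls_error *error,
 "keypair has no certificate");
 goto err;
 }
+if (keypair->cert_len > INT_MAX) {
+tls_error_setx(error, TLS_ERROR_INVALID_ARGUMENT,
+"certificate too long");
+goto err;
+}
 if ((cert_bio = BIO_new_mem_buf(keypair->cert_mem,
 keypair->cert_len)) == NULL) {
 tls_error_set(error, TLS_ERROR_UNKNOWN,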
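Review bot: The new `keypair->cert_len > INT_MAX` guard in tls_keypair_load_cert has no comment saying why INT_MAX is the limit, and the call site does not make it obvious: BIO_new_mem_buf() takes its length as an int, so a larger size_t value would be converted before the BIO is created. I would add `/* BIO_new_mem_buf() takes an int length. */` above the check; the same applies to the cert_len and key_len guards added in tls_signer_add_keypair_mem. The include list is outside the hunk, so it is worth confirming that `<limits.h>` is included directly rather than INT_MAX arriving through another header. The function body starts and ends outside the hunk.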
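--- a/src/lib/libtls/tls_signer.c
+++ b/src/lib/libtls/tls_signer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_signer.c,v 1.13 2024/06/11 16:35:24 op Exp $ */
+/* $OpenBSD: tls_signer.c,v 1.14 2026/04/16 05:16:48 tb Exp $ */
 /*
 * Copyright (c) 2021 Eric Faurot <eric@openbsd.org>
 *
@@ -99,6 +99,11 @@ tls_signer_add_keypair_mem(struct tls_signer *signer, const uint8_t *cert,
 char *hash = NULL;
 
 /* Compute certificate hash */
+if (cert_len > INT_MAX) {
+tls_error_setx(&signer->error, TLS_ERROR_INVALID_ARGUMENT,
+"certificate too long");
+goto err;
+}
 if ((bio = BIO_new_mem_buf(cert, cert_len)) == NULL) {
 tls_error_setx(&signer->error, TLS_ERROR_UNKNOWN,
 "failed to create certificate bio");
@@ -124,6 +129,11 @@ tls_signer_add_keypair_mem(struct tls_signer *signer, const uint8_t *cert,
 bio = NULL;
 
 /* Read private key */
+if (key_len > INT_MAX) {
+tls_error_setx(&signer->error, TLS_ERROR_INVALID_ARGUMENT,
+"private key too long");
+goto err;
+}
 if ((bio = BIO_new_mem_buf(key, key_len)) == NULL) {
 tls_error_setx(&signer->error, TLS_ERROR_UNKNOWN,
 "failed to create key bio");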
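Review bot: The `key_len > INT_MAX` check in the last hunk of tls_signer_add_keypair_mem runs only after the certificate BIO has been created and, judging by the `/* Compute certificate hash */` comment, the certificate has been processed, so an oversized key is rejected late. Both lengths are plain arguments, so the two guards could sit next to each other at the top of the function as adjacent checks, which keeps the "certificate too long" and "private key too long" messages distinct and puts argument validation in one place. The code between and around the two hunks is not visible here, so confirm that nothing before the key read relies on the current order.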
