1 files changed, 23 insertions, 17 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index adde3cd39e..261e4e996f 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.45 2015/06/13 08:38:10 doug Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.46 2015/07/14 05:26:32 doug Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -113,6 +113,7 @@
 * [including the GNU Public Licence.]
 */
+#include <limits.h>
 #include <stdio.h>
 #include "ssl_locl.h"
@@ -124,6 +125,8 @@
 #include <openssl/md5.h>
 #include <openssl/objects.h>
+#include "bytestring.h"
 static const SSL_METHOD *dtls1_get_client_method(int ver);
 static int dtls1_get_hello_verify(SSL *s);
@@ -697,9 +700,11 @@ err:
 static int
 dtls1_get_hello_verify(SSL *s)
 {
-        int n, al, ok = 0;
+        long n;
-        unsigned char *data;
+        int al, ok = 0;
-        unsigned int cookie_len;
+        size_t cookie_len;
+        uint16_t ssl_version;
+        CBS hello_verify_request, cookie;
        n = s->method->ssl_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
            DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->max_cert_list, &ok);
@@ -713,32 +718,33 @@ dtls1_get_hello_verify(SSL *s)
                return (1);
        }
-        if (2 > n)
+        if (n < 0)
                goto truncated;
-        data = (unsigned char *)s->init_msg;
-        if ((data[0] != (s->version >> 8)) || (data[1] != (s->version&0xff))) {
+        CBS_init(&hello_verify_request, s->init_msg, n);
+        if (!CBS_get_u16(&hello_verify_request, &ssl_version))
+                goto truncated;
+        if (ssl_version != s->version) {
                SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY, SSL_R_WRONG_SSL_VERSION);
-                s->version = (s->version & 0xff00) | data[1];
+                s->version = (s->version & 0xff00) | (ssl_version & 0xff);
                al = SSL_AD_PROTOCOL_VERSION;
                goto f_err;
        }
-        data += 2;
-        if (2 + 1 > n)
+        if (!CBS_get_u8_length_prefixed(&hello_verify_request, &cookie))
-                goto truncated;
-        cookie_len = *(data++);
-        if (2 + 1 + cookie_len > n)
                goto truncated;
-        if (cookie_len > sizeof(s->d1->cookie)) {
+        if (!CBS_write_bytes(&cookie, s->d1->cookie,
+            sizeof(s->d1->cookie), &cookie_len)) {
+                s->d1->cookie_len = 0;
                al = SSL_AD_ILLEGAL_PARAMETER;
                goto f_err;
        }
-        memcpy(s->d1->cookie, data, cookie_len);
        s->d1->cookie_len = cookie_len;
        s->d1->send_cookie = 1;
        return 1;
 truncated:

diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index adde3cd39e..261e4e996f 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_clnt.c,v 1.45 2015/06/13 08:38:10 doug Exp $ */	1	/* $OpenBSD: d1_clnt.c,v 1.46 2015/07/14 05:26:32 doug Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -113,6 +113,7 @@
113	* [including the GNU Public Licence.]	113	* [including the GNU Public Licence.]
114	*/	114	*/
115		115
		116	#include <limits.h>
116	#include <stdio.h>	117	#include <stdio.h>
117		118
118	#include "ssl_locl.h"	119	#include "ssl_locl.h"
@@ -124,6 +125,8 @@
124	#include <openssl/md5.h>	125	#include <openssl/md5.h>
125	#include <openssl/objects.h>	126	#include <openssl/objects.h>
126		127
		128	#include "bytestring.h"
		129
127	static const SSL_METHOD *dtls1_get_client_method(int ver);	130	static const SSL_METHOD *dtls1_get_client_method(int ver);
128	static int dtls1_get_hello_verify(SSL *s);	131	static int dtls1_get_hello_verify(SSL *s);
129		132
@@ -697,9 +700,11 @@ err:
697	static int	700	static int
698	dtls1_get_hello_verify(SSL *s)	701	dtls1_get_hello_verify(SSL *s)
699	{	702	{
700	int n, al, ok = 0;	703	long n;
701	unsigned char *data;	704	int al, ok = 0;
702	unsigned int cookie_len;	705	size_t cookie_len;
		706	uint16_t ssl_version;
		707	CBS hello_verify_request, cookie;
703		708
704	n = s->method->ssl_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,	709	n = s->method->ssl_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
705	DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->max_cert_list, &ok);	710	DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->max_cert_list, &ok);
@@ -713,32 +718,33 @@ dtls1_get_hello_verify(SSL *s)
713	return (1);	718	return (1);
714	}	719	}
715		720
716	if (2 > n)	721	if (n < 0)
717	goto truncated;	722	goto truncated;
718	data = (unsigned char *)s->init_msg;
719		723
720	if ((data[0] != (s->version >> 8)) \|\| (data[1] != (s->version&0xff))) {	724	CBS_init(&hello_verify_request, s->init_msg, n);
		725
		726	if (!CBS_get_u16(&hello_verify_request, &ssl_version))
		727	goto truncated;
		728
		729	if (ssl_version != s->version) {
721	SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY, SSL_R_WRONG_SSL_VERSION);	730	SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY, SSL_R_WRONG_SSL_VERSION);
722	s->version = (s->version & 0xff00) \| data[1];	731	s->version = (s->version & 0xff00) \| (ssl_version & 0xff);
723	al = SSL_AD_PROTOCOL_VERSION;	732	al = SSL_AD_PROTOCOL_VERSION;
724	goto f_err;	733	goto f_err;
725	}	734	}
726	data += 2;
727		735
728	if (2 + 1 > n)	736	if (!CBS_get_u8_length_prefixed(&hello_verify_request, &cookie))
729	goto truncated;
730	cookie_len = *(data++);
731	if (2 + 1 + cookie_len > n)
732	goto truncated;	737	goto truncated;
733	if (cookie_len > sizeof(s->d1->cookie)) {	738
		739	if (!CBS_write_bytes(&cookie, s->d1->cookie,
		740	sizeof(s->d1->cookie), &cookie_len)) {
		741	s->d1->cookie_len = 0;
734	al = SSL_AD_ILLEGAL_PARAMETER;	742	al = SSL_AD_ILLEGAL_PARAMETER;
735	goto f_err;	743	goto f_err;
736	}	744	}
737
738	memcpy(s->d1->cookie, data, cookie_len);
739	s->d1->cookie_len = cookie_len;	745	s->d1->cookie_len = cookie_len;
740
741	s->d1->send_cookie = 1;	746	s->d1->send_cookie = 1;
		747
742	return 1;	748	return 1;
743		749
744	truncated:	750	truncated: