diff options
Diffstat (limited to 'src/lib/libtls/tls.c')
| -rw-r--r-- | src/lib/libtls/tls.c | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c index 6dae066922..0b9f12511d 100644 --- a/src/lib/libtls/tls.c +++ b/src/lib/libtls/tls.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls.c,v 1.3 2014/12/07 15:48:02 bcook Exp $ */ | 1 | /* $OpenBSD: tls.c,v 1.4 2014/12/17 17:51:33 doug Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -18,6 +18,7 @@ | |||
| 18 | #include <sys/socket.h> | 18 | #include <sys/socket.h> |
| 19 | 19 | ||
| 20 | #include <errno.h> | 20 | #include <errno.h> |
| 21 | #include <limits.h> | ||
| 21 | #include <stdlib.h> | 22 | #include <stdlib.h> |
| 22 | #include <unistd.h> | 23 | #include <unistd.h> |
| 23 | 24 | ||
| @@ -110,6 +111,11 @@ tls_configure_keypair(struct tls *ctx) | |||
| 110 | BIO *bio = NULL; | 111 | BIO *bio = NULL; |
| 111 | 112 | ||
| 112 | if (ctx->config->cert_mem != NULL) { | 113 | if (ctx->config->cert_mem != NULL) { |
| 114 | if (ctx->config->cert_len > INT_MAX) { | ||
| 115 | tls_set_error(ctx, "certificate too long"); | ||
| 116 | goto err; | ||
| 117 | } | ||
| 118 | |||
| 113 | if (SSL_CTX_use_certificate_chain(ctx->ssl_ctx, | 119 | if (SSL_CTX_use_certificate_chain(ctx->ssl_ctx, |
| 114 | ctx->config->cert_mem, ctx->config->cert_len) != 1) { | 120 | ctx->config->cert_mem, ctx->config->cert_len) != 1) { |
| 115 | tls_set_error(ctx, "failed to load certificate"); | 121 | tls_set_error(ctx, "failed to load certificate"); |
| @@ -118,6 +124,11 @@ tls_configure_keypair(struct tls *ctx) | |||
| 118 | cert = NULL; | 124 | cert = NULL; |
| 119 | } | 125 | } |
| 120 | if (ctx->config->key_mem != NULL) { | 126 | if (ctx->config->key_mem != NULL) { |
| 127 | if (ctx->config->key_len > INT_MAX) { | ||
| 128 | tls_set_error(ctx, "key too long"); | ||
| 129 | goto err; | ||
| 130 | } | ||
| 131 | |||
| 121 | if ((bio = BIO_new_mem_buf(ctx->config->key_mem, | 132 | if ((bio = BIO_new_mem_buf(ctx->config->key_mem, |
| 122 | ctx->config->key_len)) == NULL) { | 133 | ctx->config->key_len)) == NULL) { |
| 123 | tls_set_error(ctx, "failed to create buffer"); | 134 | tls_set_error(ctx, "failed to create buffer"); |
| @@ -229,6 +240,11 @@ tls_read(struct tls *ctx, void *buf, size_t buflen, size_t *outlen) | |||
| 229 | { | 240 | { |
| 230 | int ret, ssl_err; | 241 | int ret, ssl_err; |
| 231 | 242 | ||
| 243 | if (buflen > INT_MAX) { | ||
| 244 | tls_set_error(ctx, "buflen too long"); | ||
| 245 | return (-1); | ||
| 246 | } | ||
| 247 | |||
| 232 | ret = SSL_read(ctx->ssl_conn, buf, buflen); | 248 | ret = SSL_read(ctx->ssl_conn, buf, buflen); |
| 233 | if (ret > 0) { | 249 | if (ret > 0) { |
| 234 | *outlen = (size_t)ret; | 250 | *outlen = (size_t)ret; |
| @@ -252,6 +268,11 @@ tls_write(struct tls *ctx, const void *buf, size_t buflen, size_t *outlen) | |||
| 252 | { | 268 | { |
| 253 | int ret, ssl_err; | 269 | int ret, ssl_err; |
| 254 | 270 | ||
| 271 | if (buflen > INT_MAX) { | ||
| 272 | tls_set_error(ctx, "buflen too long"); | ||
| 273 | return (-1); | ||
| 274 | } | ||
| 275 | |||
| 255 | ret = SSL_write(ctx->ssl_conn, buf, buflen); | 276 | ret = SSL_write(ctx->ssl_conn, buf, buflen); |
| 256 | if (ret > 0) { | 277 | if (ret > 0) { |
| 257 | *outlen = (size_t)ret; | 278 | *outlen = (size_t)ret; |