6 files changed, 66 insertions, 22 deletions
diff --git a/src/lib/libssl/d1_srtp.c b/src/lib/libssl/d1_srtp.c
index 801eab1b76..8f05c4abc8 100644
--- a/src/lib/libssl/d1_srtp.c
+++ b/src/lib/libssl/d1_srtp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srtp.c,v 1.12 2015/07/14 03:38:26 doug Exp $ */
+/* $OpenBSD: d1_srtp.c,v 1.13 2015/07/15 21:52:02 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -303,11 +303,16 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len,
        uint16_t id;
        CBS cbs, ciphers, mki;
-        CBS_init(&cbs, d, len);
+        if (len < 0) {
+                SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
+                    SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+                *al = SSL_AD_DECODE_ERROR;
+                goto done;
+        }
+        CBS_init(&cbs, d, len);
        /* Pull off the cipher suite list */
-        if (len < 0 ||
+        if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) ||
-            !CBS_get_u16_length_prefixed(&cbs, &ciphers) ||
            CBS_len(&ciphers) % 2 ||
            CBS_len(&cbs) != 0) {
                SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
index 5db0a11618..a19ce74380 100644
--- a/src/lib/libssl/s3_both.c
+++ b/src/lib/libssl/s3_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_both.c,v 1.41 2015/07/14 05:41:07 doug Exp $ */
+/* $OpenBSD: s3_both.c,v 1.42 2015/07/15 21:52:02 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -242,9 +242,15 @@ ssl3_get_finished(SSL *s, int a, int b)
        md_len = s->method->ssl3_enc->finish_mac_length;
+        if (n < 0) {
+                al = SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
+                goto f_err;
+        }
        CBS_init(&cbs, s->init_msg, n);
-        if (n < 0 || s->s3->tmp.peer_finish_md_len != md_len ||
+        if (s->s3->tmp.peer_finish_md_len != md_len ||
            CBS_len(&cbs) != md_len) {
                al = SSL_AD_DECODE_ERROR;
                SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index 6bc5a8b622..3f7f3a411d 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.117 2015/07/15 18:35:34 beck Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.118 2015/07/15 21:52:02 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -996,7 +996,6 @@ ssl3_get_server_certificate(SSL *s)
                goto f_err;
        }
-        CBS_init(&cbs, s->init_msg, n);
        if ((sk = sk_X509_new_null()) == NULL) {
                SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
@@ -1004,8 +1003,13 @@ ssl3_get_server_certificate(SSL *s)
                goto err;
        }
-        if (n < 0 || CBS_len(&cbs) < 3)
+        if (n < 0)
+                goto truncated;
+        CBS_init(&cbs, s->init_msg, n);
+        if (CBS_len(&cbs) < 3)
                goto truncated;
        if (!CBS_get_u24_length_prefixed(&cbs, &cert_list) ||
            CBS_len(&cbs) != 0) {
                al = SSL_AD_DECODE_ERROR;
@@ -1797,9 +1801,16 @@ ssl3_get_cert_status(SSL *s)
        if (!ok)
                return ((int)n);
-        CBS_init(&cert_status, s->init_msg, n);
+        if (n < 0) {
+                /* need at least status type + length */
+                al = SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
+                    SSL_R_LENGTH_MISMATCH);
+                goto f_err;
+        }
-        if (n < 0 || !CBS_get_u8(&cert_status, &status_type) ||
+        CBS_init(&cert_status, s->init_msg, n);
+        if (!CBS_get_u8(&cert_status, &status_type) ||
            CBS_len(&cert_status) < 3) {
                /* need at least status type + length */
                al = SSL_AD_DECODE_ERROR;
diff --git a/src/lib/libssl/src/ssl/d1_srtp.c b/src/lib/libssl/src/ssl/d1_srtp.c
index 801eab1b76..8f05c4abc8 100644
--- a/src/lib/libssl/src/ssl/d1_srtp.c
+++ b/src/lib/libssl/src/ssl/d1_srtp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srtp.c,v 1.12 2015/07/14 03:38:26 doug Exp $ */
+/* $OpenBSD: d1_srtp.c,v 1.13 2015/07/15 21:52:02 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -303,11 +303,16 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len,
        uint16_t id;
        CBS cbs, ciphers, mki;
-        CBS_init(&cbs, d, len);
+        if (len < 0) {
+                SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
+                    SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+                *al = SSL_AD_DECODE_ERROR;
+                goto done;
+        }
+        CBS_init(&cbs, d, len);
        /* Pull off the cipher suite list */
-        if (len < 0 ||
+        if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) ||
-            !CBS_get_u16_length_prefixed(&cbs, &ciphers) ||
            CBS_len(&ciphers) % 2 ||
            CBS_len(&cbs) != 0) {
                SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
diff --git a/src/lib/libssl/src/ssl/s3_both.c b/src/lib/libssl/src/ssl/s3_both.c
index 5db0a11618..a19ce74380 100644
--- a/src/lib/libssl/src/ssl/s3_both.c
+++ b/src/lib/libssl/src/ssl/s3_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_both.c,v 1.41 2015/07/14 05:41:07 doug Exp $ */
+/* $OpenBSD: s3_both.c,v 1.42 2015/07/15 21:52:02 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -242,9 +242,15 @@ ssl3_get_finished(SSL *s, int a, int b)
        md_len = s->method->ssl3_enc->finish_mac_length;
+        if (n < 0) {
+                al = SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
+                goto f_err;
+        }
        CBS_init(&cbs, s->init_msg, n);
-        if (n < 0 || s->s3->tmp.peer_finish_md_len != md_len ||
+        if (s->s3->tmp.peer_finish_md_len != md_len ||
            CBS_len(&cbs) != md_len) {
                al = SSL_AD_DECODE_ERROR;
                SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
index 6bc5a8b622..3f7f3a411d 100644
--- a/src/lib/libssl/src/ssl/s3_clnt.c
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.117 2015/07/15 18:35:34 beck Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.118 2015/07/15 21:52:02 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -996,7 +996,6 @@ ssl3_get_server_certificate(SSL *s)
                goto f_err;
        }
-        CBS_init(&cbs, s->init_msg, n);
        if ((sk = sk_X509_new_null()) == NULL) {
                SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
@@ -1004,8 +1003,13 @@ ssl3_get_server_certificate(SSL *s)
                goto err;
        }
-        if (n < 0 || CBS_len(&cbs) < 3)
+        if (n < 0)
+                goto truncated;
+        CBS_init(&cbs, s->init_msg, n);
+        if (CBS_len(&cbs) < 3)
                goto truncated;
        if (!CBS_get_u24_length_prefixed(&cbs, &cert_list) ||
            CBS_len(&cbs) != 0) {
                al = SSL_AD_DECODE_ERROR;
@@ -1797,9 +1801,16 @@ ssl3_get_cert_status(SSL *s)
        if (!ok)
                return ((int)n);
-        CBS_init(&cert_status, s->init_msg, n);
+        if (n < 0) {
+                /* need at least status type + length */
+                al = SSL_AD_DECODE_ERROR;
+                SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
+                    SSL_R_LENGTH_MISMATCH);
+                goto f_err;
+        }
-        if (n < 0 || !CBS_get_u8(&cert_status, &status_type) ||
+        CBS_init(&cert_status, s->init_msg, n);
+        if (!CBS_get_u8(&cert_status, &status_type) ||
            CBS_len(&cert_status) < 3) {
                /* need at least status type + length */
                al = SSL_AD_DECODE_ERROR;