2 files changed, 74 insertions, 34 deletions
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c
index 7230dec671..3022469ea9 100644
--- a/src/lib/libssl/src/ssl/t1_lib.c
+++ b/src/lib/libssl/src/ssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.87 2016/05/30 13:42:54 beck Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.88 2016/08/27 15:58:06 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1206,6 +1206,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
        unsigned short size;
        unsigned short len;
        unsigned char *data = *p;
+        unsigned char *end = d + n;
        int renegotiate_seen = 0;
        int sigalg_seen = 0;
@@ -1214,20 +1215,25 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
        s->s3->next_proto_neg_seen = 0;
        free(s->s3->alpn_selected);
        s->s3->alpn_selected = NULL;
+        s->srtp_profile = NULL;
-        if (data >= (d + n - 2))
+        if (data == end)
                goto ri_check;
+        if (end - data < 2)
+                goto err;
        n2s(data, len);
-        if (data > (d + n - len))
+        if (end - data != len)
-                goto ri_check;
+                goto err;
-        while (data <= (d + n - 4)) {
+        while (end - data >= 4) {
                n2s(data, type);
                n2s(data, size);
-                if (data + size > (d + n))
+                if (end - data < size)
-                        goto ri_check;
+                        goto err;
                if (s->tlsext_debug_cb)
                        s->tlsext_debug_cb(s, 0, type, data, size,
                            s->tlsext_debug_arg);
@@ -1560,6 +1566,10 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
                data += size;
        }
+        /* Spurious data on the end */
+        if (data != end)
+                goto err;
        *p = data;
 ri_check:
@@ -1574,6 +1584,10 @@ ri_check:
        }
        return 1;
+err:
+        *al = SSL_AD_DECODE_ERROR;
+        return 0;
 }
 /*
@@ -1599,10 +1613,11 @@ int
 ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
    int n, int *al)
 {
-        unsigned short length;
        unsigned short type;
        unsigned short size;
+        unsigned short len;
        unsigned char *data = *p;
+        unsigned char *end = d + n;
        int tlsext_servername = 0;
        int renegotiate_seen = 0;
@@ -1610,21 +1625,22 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
        free(s->s3->alpn_selected);
        s->s3->alpn_selected = NULL;
-        if (data >= (d + n - 2))
+        if (data == end)
                goto ri_check;
-        n2s(data, length);
+        if (end - data < 2)
-        if (data + length != d + n) {
+                goto err;
-                *al = SSL_AD_DECODE_ERROR;
+        n2s(data, len);
-                return 0;
-        }
+        if (end - data != len)
+                goto err;
-        while (data <= (d + n - 4)) {
+        while (end - data >= 4) {
                n2s(data, type);
                n2s(data, size);
-                if (data + size > (d + n))
+                if (end - data < size)
-                        goto ri_check;
+                        goto err;
                if (s->tlsext_debug_cb)
                        s->tlsext_debug_cb(s, 1, type, data, size,
@@ -1818,6 +1834,10 @@ ri_check:
        }
        return 1;
+err:
+        *al = SSL_AD_DECODE_ERROR;
+        return 0;
 }
 int
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 7230dec671..3022469ea9 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.87 2016/05/30 13:42:54 beck Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.88 2016/08/27 15:58:06 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1206,6 +1206,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
        unsigned short size;
        unsigned short len;
        unsigned char *data = *p;
+        unsigned char *end = d + n;
        int renegotiate_seen = 0;
        int sigalg_seen = 0;
@@ -1214,20 +1215,25 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
        s->s3->next_proto_neg_seen = 0;
        free(s->s3->alpn_selected);
        s->s3->alpn_selected = NULL;
+        s->srtp_profile = NULL;
-        if (data >= (d + n - 2))
+        if (data == end)
                goto ri_check;
+        if (end - data < 2)
+                goto err;
        n2s(data, len);
-        if (data > (d + n - len))
+        if (end - data != len)
-                goto ri_check;
+                goto err;
-        while (data <= (d + n - 4)) {
+        while (end - data >= 4) {
                n2s(data, type);
                n2s(data, size);
-                if (data + size > (d + n))
+                if (end - data < size)
-                        goto ri_check;
+                        goto err;
                if (s->tlsext_debug_cb)
                        s->tlsext_debug_cb(s, 0, type, data, size,
                            s->tlsext_debug_arg);
@@ -1560,6 +1566,10 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
                data += size;
        }
+        /* Spurious data on the end */
+        if (data != end)
+                goto err;
        *p = data;
 ri_check:
@@ -1574,6 +1584,10 @@ ri_check:
        }
        return 1;
+err:
+        *al = SSL_AD_DECODE_ERROR;
+        return 0;
 }
 /*
@@ -1599,10 +1613,11 @@ int
 ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
    int n, int *al)
 {
-        unsigned short length;
        unsigned short type;
        unsigned short size;
+        unsigned short len;
        unsigned char *data = *p;
+        unsigned char *end = d + n;
        int tlsext_servername = 0;
        int renegotiate_seen = 0;
@@ -1610,21 +1625,22 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
        free(s->s3->alpn_selected);
        s->s3->alpn_selected = NULL;
-        if (data >= (d + n - 2))
+        if (data == end)
                goto ri_check;
-        n2s(data, length);
+        if (end - data < 2)
-        if (data + length != d + n) {
+                goto err;
-                *al = SSL_AD_DECODE_ERROR;
+        n2s(data, len);
-                return 0;
-        }
+        if (end - data != len)
+                goto err;
-        while (data <= (d + n - 4)) {
+        while (end - data >= 4) {
                n2s(data, type);
                n2s(data, size);
-                if (data + size > (d + n))
+                if (end - data < size)
-                        goto ri_check;
+                        goto err;
                if (s->tlsext_debug_cb)
                        s->tlsext_debug_cb(s, 1, type, data, size,
@@ -1818,6 +1834,10 @@ ri_check:
        }
        return 1;
+err:
+        *al = SSL_AD_DECODE_ERROR;
+        return 0;
 }
 int

diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c index 7230dec671..3022469ea9 100644 --- a/src/lib/libssl/src/ssl/t1_lib.c +++ b/src/lib/libssl/src/ssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.87 2016/05/30 13:42:54 beck Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.88 2016/08/27 15:58:06 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1206,6 +1206,7 @@ ssl_parse_clienthello_tlsext(SSL s, unsigned char p, unsigned char d,
1206	unsigned short size;	1206	unsigned short size;
1207	unsigned short len;	1207	unsigned short len;
1208	unsigned char data = p;	1208	unsigned char data = p;
		1209	unsigned char *end = d + n;
1209	int renegotiate_seen = 0;	1210	int renegotiate_seen = 0;
1210	int sigalg_seen = 0;	1211	int sigalg_seen = 0;
1211		1212
@@ -1214,20 +1215,25 @@ ssl_parse_clienthello_tlsext(SSL s, unsigned char p, unsigned char d,
1214	s->s3->next_proto_neg_seen = 0;	1215	s->s3->next_proto_neg_seen = 0;
1215	free(s->s3->alpn_selected);	1216	free(s->s3->alpn_selected);
1216	s->s3->alpn_selected = NULL;	1217	s->s3->alpn_selected = NULL;
		1218	s->srtp_profile = NULL;
1217		1219
1218	if (data >= (d + n - 2))	1220	if (data == end)
1219	goto ri_check;	1221	goto ri_check;
		1222
		1223	if (end - data < 2)
		1224	goto err;
1220	n2s(data, len);	1225	n2s(data, len);
1221		1226
1222	if (data > (d + n - len))	1227	if (end - data != len)
1223	goto ri_check;	1228	goto err;
1224		1229
1225	while (data <= (d + n - 4)) {	1230	while (end - data >= 4) {
1226	n2s(data, type);	1231	n2s(data, type);
1227	n2s(data, size);	1232	n2s(data, size);
1228		1233
1229	if (data + size > (d + n))	1234	if (end - data < size)
1230	goto ri_check;	1235	goto err;
		1236
1231	if (s->tlsext_debug_cb)	1237	if (s->tlsext_debug_cb)
1232	s->tlsext_debug_cb(s, 0, type, data, size,	1238	s->tlsext_debug_cb(s, 0, type, data, size,
1233	s->tlsext_debug_arg);	1239	s->tlsext_debug_arg);
@@ -1560,6 +1566,10 @@ ssl_parse_clienthello_tlsext(SSL s, unsigned char p, unsigned char d,
1560	data += size;	1566	data += size;
1561	}	1567	}
1562		1568
		1569	/* Spurious data on the end */
		1570	if (data != end)
		1571	goto err;
		1572
1563	*p = data;	1573	*p = data;
1564		1574
1565	ri_check:	1575	ri_check:
@@ -1574,6 +1584,10 @@ ri_check:
1574	}	1584	}
1575		1585
1576	return 1;	1586	return 1;
		1587
		1588	err:
		1589	*al = SSL_AD_DECODE_ERROR;
		1590	return 0;
1577	}	1591	}
1578		1592
1579	/*	1593	/*
@@ -1599,10 +1613,11 @@ int
1599	ssl_parse_serverhello_tlsext(SSL s, unsigned char p, unsigned char d,	1613	ssl_parse_serverhello_tlsext(SSL s, unsigned char p, unsigned char d,
1600	int n, int *al)	1614	int n, int *al)
1601	{	1615	{
1602	unsigned short length;
1603	unsigned short type;	1616	unsigned short type;
1604	unsigned short size;	1617	unsigned short size;
		1618	unsigned short len;
1605	unsigned char data = p;	1619	unsigned char data = p;
		1620	unsigned char *end = d + n;
1606	int tlsext_servername = 0;	1621	int tlsext_servername = 0;
1607	int renegotiate_seen = 0;	1622	int renegotiate_seen = 0;
1608		1623
@@ -1610,21 +1625,22 @@ ssl_parse_serverhello_tlsext(SSL s, unsigned char p, unsigned char d,
1610	free(s->s3->alpn_selected);	1625	free(s->s3->alpn_selected);
1611	s->s3->alpn_selected = NULL;	1626	s->s3->alpn_selected = NULL;
1612		1627
1613	if (data >= (d + n - 2))	1628	if (data == end)
1614	goto ri_check;	1629	goto ri_check;
1615		1630
1616	n2s(data, length);	1631	if (end - data < 2)
1617	if (data + length != d + n) {	1632	goto err;
1618	*al = SSL_AD_DECODE_ERROR;	1633	n2s(data, len);
1619	return 0;	1634
1620	}	1635	if (end - data != len)
		1636	goto err;
1621		1637
1622	while (data <= (d + n - 4)) {	1638	while (end - data >= 4) {
1623	n2s(data, type);	1639	n2s(data, type);
1624	n2s(data, size);	1640	n2s(data, size);
1625		1641
1626	if (data + size > (d + n))	1642	if (end - data < size)
1627	goto ri_check;	1643	goto err;
1628		1644
1629	if (s->tlsext_debug_cb)	1645	if (s->tlsext_debug_cb)
1630	s->tlsext_debug_cb(s, 1, type, data, size,	1646	s->tlsext_debug_cb(s, 1, type, data, size,
@@ -1818,6 +1834,10 @@ ri_check:
1818	}	1834	}
1819		1835
1820	return 1;	1836	return 1;
		1837
		1838	err:
		1839	*al = SSL_AD_DECODE_ERROR;
		1840	return 0;
1821	}	1841	}
1822		1842
1823	int	1843	int


diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 7230dec671..3022469ea9 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.87 2016/05/30 13:42:54 beck Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.88 2016/08/27 15:58:06 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1206,6 +1206,7 @@ ssl_parse_clienthello_tlsext(SSL s, unsigned char p, unsigned char d,
1206	unsigned short size;	1206	unsigned short size;
1207	unsigned short len;	1207	unsigned short len;
1208	unsigned char data = p;	1208	unsigned char data = p;
		1209	unsigned char *end = d + n;
1209	int renegotiate_seen = 0;	1210	int renegotiate_seen = 0;
1210	int sigalg_seen = 0;	1211	int sigalg_seen = 0;
1211		1212
@@ -1214,20 +1215,25 @@ ssl_parse_clienthello_tlsext(SSL s, unsigned char p, unsigned char d,
1214	s->s3->next_proto_neg_seen = 0;	1215	s->s3->next_proto_neg_seen = 0;
1215	free(s->s3->alpn_selected);	1216	free(s->s3->alpn_selected);
1216	s->s3->alpn_selected = NULL;	1217	s->s3->alpn_selected = NULL;
		1218	s->srtp_profile = NULL;
1217		1219
1218	if (data >= (d + n - 2))	1220	if (data == end)
1219	goto ri_check;	1221	goto ri_check;
		1222
		1223	if (end - data < 2)
		1224	goto err;
1220	n2s(data, len);	1225	n2s(data, len);
1221		1226
1222	if (data > (d + n - len))	1227	if (end - data != len)
1223	goto ri_check;	1228	goto err;
1224		1229
1225	while (data <= (d + n - 4)) {	1230	while (end - data >= 4) {
1226	n2s(data, type);	1231	n2s(data, type);
1227	n2s(data, size);	1232	n2s(data, size);
1228		1233
1229	if (data + size > (d + n))	1234	if (end - data < size)
1230	goto ri_check;	1235	goto err;
		1236
1231	if (s->tlsext_debug_cb)	1237	if (s->tlsext_debug_cb)
1232	s->tlsext_debug_cb(s, 0, type, data, size,	1238	s->tlsext_debug_cb(s, 0, type, data, size,
1233	s->tlsext_debug_arg);	1239	s->tlsext_debug_arg);
@@ -1560,6 +1566,10 @@ ssl_parse_clienthello_tlsext(SSL s, unsigned char p, unsigned char d,
1560	data += size;	1566	data += size;
1561	}	1567	}
1562		1568
		1569	/* Spurious data on the end */
		1570	if (data != end)
		1571	goto err;
		1572
1563	*p = data;	1573	*p = data;
1564		1574
1565	ri_check:	1575	ri_check:
@@ -1574,6 +1584,10 @@ ri_check:
1574	}	1584	}
1575		1585
1576	return 1;	1586	return 1;
		1587
		1588	err:
		1589	*al = SSL_AD_DECODE_ERROR;
		1590	return 0;
1577	}	1591	}
1578		1592
1579	/*	1593	/*
@@ -1599,10 +1613,11 @@ int
1599	ssl_parse_serverhello_tlsext(SSL s, unsigned char p, unsigned char d,	1613	ssl_parse_serverhello_tlsext(SSL s, unsigned char p, unsigned char d,
1600	int n, int *al)	1614	int n, int *al)
1601	{	1615	{
1602	unsigned short length;
1603	unsigned short type;	1616	unsigned short type;
1604	unsigned short size;	1617	unsigned short size;
		1618	unsigned short len;
1605	unsigned char data = p;	1619	unsigned char data = p;
		1620	unsigned char *end = d + n;
1606	int tlsext_servername = 0;	1621	int tlsext_servername = 0;
1607	int renegotiate_seen = 0;	1622	int renegotiate_seen = 0;
1608		1623
@@ -1610,21 +1625,22 @@ ssl_parse_serverhello_tlsext(SSL s, unsigned char p, unsigned char d,
1610	free(s->s3->alpn_selected);	1625	free(s->s3->alpn_selected);
1611	s->s3->alpn_selected = NULL;	1626	s->s3->alpn_selected = NULL;
1612		1627
1613	if (data >= (d + n - 2))	1628	if (data == end)
1614	goto ri_check;	1629	goto ri_check;
1615		1630
1616	n2s(data, length);	1631	if (end - data < 2)
1617	if (data + length != d + n) {	1632	goto err;
1618	*al = SSL_AD_DECODE_ERROR;	1633	n2s(data, len);
1619	return 0;	1634
1620	}	1635	if (end - data != len)
		1636	goto err;
1621		1637
1622	while (data <= (d + n - 4)) {	1638	while (end - data >= 4) {
1623	n2s(data, type);	1639	n2s(data, type);
1624	n2s(data, size);	1640	n2s(data, size);
1625		1641
1626	if (data + size > (d + n))	1642	if (end - data < size)
1627	goto ri_check;	1643	goto err;
1628		1644
1629	if (s->tlsext_debug_cb)	1645	if (s->tlsext_debug_cb)
1630	s->tlsext_debug_cb(s, 1, type, data, size,	1646	s->tlsext_debug_cb(s, 1, type, data, size,
@@ -1818,6 +1834,10 @@ ri_check:
1818	}	1834	}
1819		1835
1820	return 1;	1836	return 1;
		1837
		1838	err:
		1839	*al = SSL_AD_DECODE_ERROR;
		1840	return 0;
1821	}	1841	}
1822		1842
1823	int	1843	int