From 3f65a6101076de0d6e6618882055842165daf137 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sat, 12 May 2018 17:27:22 +0000
Subject: If we fail to decode an EC point format extension, send a
 decode_error alert rather than an internal_error alert.

Issue found by Simon Friedberger, Robert Merget and Juraj Somorovsky.

ok beck@ inoguchi@
---
 src/lib/libssl/ssl_tlsext.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 3735b719db..b70be87f3a 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.21 2018/02/08 11:30:30 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.22 2018/05/12 17:27:22 jsing Exp $ */
 /*
  * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -333,14 +333,16 @@ tlsext_ecpf_parse(SSL *s, CBS *cbs, int *alert)
 
 	if (!s->internal->hit) {
 		if (!CBS_stow(&ecpf, &(SSI(s)->tlsext_ecpointformatlist),
-		    &(SSI(s)->tlsext_ecpointformatlist_length)))
-			goto err;
+		    &(SSI(s)->tlsext_ecpointformatlist_length))) {
+			*alert = TLS1_AD_INTERNAL_ERROR;
+			return 0;
+		}
 	}
 
 	return 1;
 
  err:
-	*alert = TLS1_AD_INTERNAL_ERROR;
+	*alert = SSL_AD_DECODE_ERROR;
 	return 0;
 }
 
-- 
cgit v1.2.3-55-g6feb