From 47eb97a22f4397f7e4d7b37419d4c88e805cf71b Mon Sep 17 00:00:00 2001 From: jsing <> Date: Wed, 10 Dec 2014 15:43:31 +0000 Subject: ssl3_init_finished_mac() calls BIO_new() which can fail since it in turn calls malloc(). Instead of silently continuing on failure, check the return value of BIO_new() and propagate failure back to the caller for appropriate handling. ok bcook@ --- src/lib/libssl/d1_clnt.c | 7 +++++-- src/lib/libssl/d1_srvr.c | 21 ++++++++++++++++----- src/lib/libssl/s23_clnt.c | 7 +++++-- src/lib/libssl/s23_srvr.c | 7 +++++-- src/lib/libssl/s3_both.c | 8 ++++++-- src/lib/libssl/s3_clnt.c | 7 +++++-- src/lib/libssl/s3_srvr.c | 13 ++++++++++--- src/lib/libssl/src/ssl/d1_clnt.c | 7 +++++-- src/lib/libssl/src/ssl/d1_srvr.c | 21 ++++++++++++++++----- src/lib/libssl/src/ssl/s23_clnt.c | 7 +++++-- src/lib/libssl/src/ssl/s23_srvr.c | 7 +++++-- src/lib/libssl/src/ssl/s3_both.c | 8 ++++++-- src/lib/libssl/src/ssl/s3_clnt.c | 7 +++++-- src/lib/libssl/src/ssl/s3_enc.c | 9 +++++++-- src/lib/libssl/src/ssl/s3_srvr.c | 13 ++++++++++--- src/lib/libssl/src/ssl/ssl_locl.h | 4 ++-- src/lib/libssl/ssl_locl.h | 4 ++-- 17 files changed, 115 insertions(+), 42 deletions(-) diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index a73995ccda..490e2849f1 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_clnt.c,v 1.39 2014/12/06 14:24:26 jsing Exp $ */ +/* $OpenBSD: d1_clnt.c,v 1.40 2014/12/10 15:43:31 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -310,7 +310,10 @@ dtls1_connect(SSL *s) s->shutdown = 0; /* every DTLS ClientHello resets Finished MAC */ - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } dtls1_start_timer(s); ret = dtls1_client_hello(s); diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index e1959fb7e1..ee0e62336f 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_srvr.c,v 1.42 2014/11/16 14:12:47 jsing Exp $ */ +/* $OpenBSD: d1_srvr.c,v 1.43 2014/12/10 15:43:31 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -272,7 +272,11 @@ dtls1_accept(SSL *s) goto end; } - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } + s->state = SSL3_ST_SR_CLNT_HELLO_A; s->ctx->stats.sess_accept++; } else { @@ -297,7 +301,10 @@ dtls1_accept(SSL *s) s->state = SSL3_ST_SW_FLUSH; s->init_num = 0; - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } break; case SSL3_ST_SW_HELLO_REQ_C: @@ -351,8 +358,12 @@ dtls1_accept(SSL *s) s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A; /* HelloVerifyRequest resets Finished MAC */ - if (s->version != DTLS1_BAD_VER) - ssl3_init_finished_mac(s); + if (s->version != DTLS1_BAD_VER) { + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } + } break; #ifndef OPENSSL_NO_SCTP diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c index 07bf6d7861..28ea24c173 100644 --- a/src/lib/libssl/s23_clnt.c +++ b/src/lib/libssl/s23_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_clnt.c,v 1.34 2014/11/16 14:12:47 jsing Exp $ */ +/* $OpenBSD: s23_clnt.c,v 1.35 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -230,7 +230,10 @@ ssl23_connect(SSL *s) goto end; } - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } s->state = SSL23_ST_CW_CLNT_HELLO_A; s->ctx->stats.sess_connect++; diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c index 9530ecdbaa..a7686c3f40 100644 --- a/src/lib/libssl/s23_srvr.c +++ b/src/lib/libssl/s23_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_srvr.c,v 1.36 2014/11/16 14:12:47 jsing Exp $ */ +/* $OpenBSD: s23_srvr.c,v 1.37 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -219,7 +219,10 @@ ssl23_accept(SSL *s) s->init_buf = buf; } - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } s->state = SSL23_ST_SR_CLNT_HELLO_A; s->ctx->stats.sess_accept++; diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c index 0d9cc3d65c..ffc10774d8 100644 --- a/src/lib/libssl/s3_both.c +++ b/src/lib/libssl/s3_both.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_both.c,v 1.33 2014/12/10 15:36:46 jsing Exp $ */ +/* $OpenBSD: s3_both.c,v 1.34 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -464,7 +464,11 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) * start a new handshake?). We need to restart the mac. * Don't increment {num,total}_renegotiations because * we have not completed the handshake. */ - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + SSLerr(SSL_F_SSL3_GET_MESSAGE, + ERR_R_MALLOC_FAILURE); + goto err; + } } s->s3->tmp.message_type= *(p++); diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 6a54dfa359..e7741826ae 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.98 2014/12/10 15:36:46 jsing Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.99 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -288,7 +288,10 @@ ssl3_connect(SSL *s) /* don't push the buffering BIO quite yet */ - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } s->state = SSL3_ST_CW_CLNT_HELLO_A; s->ctx->stats.sess_connect++; diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 43880a0610..645caf4bc9 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_srvr.c,v 1.92 2014/12/10 15:36:47 jsing Exp $ */ +/* $OpenBSD: s3_srvr.c,v 1.93 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -298,7 +298,11 @@ ssl3_accept(SSL *s) goto end; } - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } + s->state = SSL3_ST_SR_CLNT_HELLO_A; s->ctx->stats.sess_accept++; } else if (!s->s3->send_connection_binding) { @@ -334,7 +338,10 @@ ssl3_accept(SSL *s) s->state = SSL3_ST_SW_FLUSH; s->init_num = 0; - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } break; case SSL3_ST_SW_HELLO_REQ_C: diff --git a/src/lib/libssl/src/ssl/d1_clnt.c b/src/lib/libssl/src/ssl/d1_clnt.c index a73995ccda..490e2849f1 100644 --- a/src/lib/libssl/src/ssl/d1_clnt.c +++ b/src/lib/libssl/src/ssl/d1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_clnt.c,v 1.39 2014/12/06 14:24:26 jsing Exp $ */ +/* $OpenBSD: d1_clnt.c,v 1.40 2014/12/10 15:43:31 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -310,7 +310,10 @@ dtls1_connect(SSL *s) s->shutdown = 0; /* every DTLS ClientHello resets Finished MAC */ - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } dtls1_start_timer(s); ret = dtls1_client_hello(s); diff --git a/src/lib/libssl/src/ssl/d1_srvr.c b/src/lib/libssl/src/ssl/d1_srvr.c index e1959fb7e1..ee0e62336f 100644 --- a/src/lib/libssl/src/ssl/d1_srvr.c +++ b/src/lib/libssl/src/ssl/d1_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_srvr.c,v 1.42 2014/11/16 14:12:47 jsing Exp $ */ +/* $OpenBSD: d1_srvr.c,v 1.43 2014/12/10 15:43:31 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -272,7 +272,11 @@ dtls1_accept(SSL *s) goto end; } - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } + s->state = SSL3_ST_SR_CLNT_HELLO_A; s->ctx->stats.sess_accept++; } else { @@ -297,7 +301,10 @@ dtls1_accept(SSL *s) s->state = SSL3_ST_SW_FLUSH; s->init_num = 0; - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } break; case SSL3_ST_SW_HELLO_REQ_C: @@ -351,8 +358,12 @@ dtls1_accept(SSL *s) s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A; /* HelloVerifyRequest resets Finished MAC */ - if (s->version != DTLS1_BAD_VER) - ssl3_init_finished_mac(s); + if (s->version != DTLS1_BAD_VER) { + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } + } break; #ifndef OPENSSL_NO_SCTP diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c index 07bf6d7861..28ea24c173 100644 --- a/src/lib/libssl/src/ssl/s23_clnt.c +++ b/src/lib/libssl/src/ssl/s23_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_clnt.c,v 1.34 2014/11/16 14:12:47 jsing Exp $ */ +/* $OpenBSD: s23_clnt.c,v 1.35 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -230,7 +230,10 @@ ssl23_connect(SSL *s) goto end; } - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } s->state = SSL23_ST_CW_CLNT_HELLO_A; s->ctx->stats.sess_connect++; diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c index 9530ecdbaa..a7686c3f40 100644 --- a/src/lib/libssl/src/ssl/s23_srvr.c +++ b/src/lib/libssl/src/ssl/s23_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_srvr.c,v 1.36 2014/11/16 14:12:47 jsing Exp $ */ +/* $OpenBSD: s23_srvr.c,v 1.37 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -219,7 +219,10 @@ ssl23_accept(SSL *s) s->init_buf = buf; } - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } s->state = SSL23_ST_SR_CLNT_HELLO_A; s->ctx->stats.sess_accept++; diff --git a/src/lib/libssl/src/ssl/s3_both.c b/src/lib/libssl/src/ssl/s3_both.c index 0d9cc3d65c..ffc10774d8 100644 --- a/src/lib/libssl/src/ssl/s3_both.c +++ b/src/lib/libssl/src/ssl/s3_both.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_both.c,v 1.33 2014/12/10 15:36:46 jsing Exp $ */ +/* $OpenBSD: s3_both.c,v 1.34 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -464,7 +464,11 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) * start a new handshake?). We need to restart the mac. * Don't increment {num,total}_renegotiations because * we have not completed the handshake. */ - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + SSLerr(SSL_F_SSL3_GET_MESSAGE, + ERR_R_MALLOC_FAILURE); + goto err; + } } s->s3->tmp.message_type= *(p++); diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c index 6a54dfa359..e7741826ae 100644 --- a/src/lib/libssl/src/ssl/s3_clnt.c +++ b/src/lib/libssl/src/ssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.98 2014/12/10 15:36:46 jsing Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.99 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -288,7 +288,10 @@ ssl3_connect(SSL *s) /* don't push the buffering BIO quite yet */ - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } s->state = SSL3_ST_CW_CLNT_HELLO_A; s->ctx->stats.sess_connect++; diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c index 09d3dd77a5..ec7df59f3b 100644 --- a/src/lib/libssl/src/ssl/s3_enc.c +++ b/src/lib/libssl/src/ssl/s3_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_enc.c,v 1.56 2014/11/16 14:12:47 jsing Exp $ */ +/* $OpenBSD: s3_enc.c,v 1.57 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -469,14 +469,19 @@ ssl3_enc(SSL *s, int send) return (1); } -void +int ssl3_init_finished_mac(SSL *s) { BIO_free(s->s3->handshake_buffer); ssl3_free_digest_list(s); + s->s3->handshake_buffer = BIO_new(BIO_s_mem()); + if (s->s3->handshake_buffer == NULL) + return (0); (void)BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE); + + return (1); } void diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c index 43880a0610..645caf4bc9 100644 --- a/src/lib/libssl/src/ssl/s3_srvr.c +++ b/src/lib/libssl/src/ssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_srvr.c,v 1.92 2014/12/10 15:36:47 jsing Exp $ */ +/* $OpenBSD: s3_srvr.c,v 1.93 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -298,7 +298,11 @@ ssl3_accept(SSL *s) goto end; } - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } + s->state = SSL3_ST_SR_CLNT_HELLO_A; s->ctx->stats.sess_accept++; } else if (!s->s3->send_connection_binding) { @@ -334,7 +338,10 @@ ssl3_accept(SSL *s) s->state = SSL3_ST_SW_FLUSH; s->init_num = 0; - ssl3_init_finished_mac(s); + if (!ssl3_init_finished_mac(s)) { + ret = -1; + goto end; + } break; case SSL3_ST_SW_HELLO_REQ_C: diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index b94249e9db..322caea87f 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.80 2014/12/10 15:36:47 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.81 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -595,7 +595,7 @@ STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s); int ssl_verify_alarm_type(long type); void ssl_load_ciphers(void); -void ssl3_init_finished_mac(SSL *s); +int ssl3_init_finished_mac(SSL *s); int ssl3_send_server_certificate(SSL *s); int ssl3_send_newsession_ticket(SSL *s); int ssl3_send_cert_status(SSL *s); diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index b94249e9db..322caea87f 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.80 2014/12/10 15:36:47 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.81 2014/12/10 15:43:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -595,7 +595,7 @@ STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s); int ssl_verify_alarm_type(long type); void ssl_load_ciphers(void); -void ssl3_init_finished_mac(SSL *s); +int ssl3_init_finished_mac(SSL *s); int ssl3_send_server_certificate(SSL *s); int ssl3_send_newsession_ticket(SSL *s); int ssl3_send_cert_status(SSL *s); -- cgit v1.2.3-55-g6feb