PR: 2628
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Send alert instead of assertion failure for incorrectly formatted DTLS fragments.
This commit is contained in:
Dr. Stephen Henson
parent
6d24c09a69
commit
5372f5f989
@ -793,7 +793,13 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
|
|||||||
*ok = 0;
|
*ok = 0;
|
||||||
return i;
|
return i;
|
||||||
}
|
}
|
||||||
OPENSSL_assert(i == DTLS1_HM_HEADER_LENGTH);
|
/* Handshake fails if message header is incomplete */
|
||||||
|
if (i != DTLS1_HM_HEADER_LENGTH)
|
||||||
|
{
|
||||||
|
al=SSL_AD_UNEXPECTED_MESSAGE;
|
||||||
|
SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_UNEXPECTED_MESSAGE);
|
||||||
|
goto f_err;
|
||||||
|
}
|
||||||
|
|
||||||
/* parse the message fragment header */
|
/* parse the message fragment header */
|
||||||
dtls1_get_message_header(wire, &msg_hdr);
|
dtls1_get_message_header(wire, &msg_hdr);
|
||||||
@ -865,7 +871,12 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
|
|||||||
|
|
||||||
/* XDTLS: an incorrectly formatted fragment should cause the
|
/* XDTLS: an incorrectly formatted fragment should cause the
|
||||||
* handshake to fail */
|
* handshake to fail */
|
||||||
OPENSSL_assert(i == (int)frag_len);
|
if (i != (int)frag_len)
|
||||||
|
{
|
||||||
|
al=SSL3_AD_ILLEGAL_PARAMETER;
|
||||||
|
SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL3_AD_ILLEGAL_PARAMETER);
|
||||||
|
goto f_err;
|
||||||
|
}
|
||||||
|
|
||||||
*ok = 1;
|
*ok = 1;
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user