reject zero length point format list or supported curves extensions

Dr. Stephen Henson 2012-11-22 14:15:00 +00:00
parent 04fde2025b
commit 8124ebcd78


@ -806,7 +806,8 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
int ellipticcurvelist_length = (*(sdata++) << 8); int ellipticcurvelist_length = (*(sdata++) << 8);
ellipticcurvelist_length += (*(sdata++)); ellipticcurvelist_length += (*(sdata++));
if (ellipticcurvelist_length != size - 2) if (ellipticcurvelist_length != size - 2 ||
ellipticcurvelist_length < 1)
{ {
*al = TLS1_AD_DECODE_ERROR; *al = TLS1_AD_DECODE_ERROR;
return 0; return 0;
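Review bot: The new guard in the supported-curves branch still accepts an odd `ellipticcurvelist_length`, although each NamedCurve entry in that list is two bytes wide, so a length of 1 or 3 passes both `!= size - 2` and `< 1`. I would extend the condition with `|| (ellipticcurvelist_length & 1)` and a comment `/* Each NamedCurve is 2 bytes. */`, so a malformed list is rejected with the decode_error alert here instead of reaching whatever code consumes the list later. Separately, both this hunk and the point-format hunk in ssl_parse_serverhello_tlsext read the length bytes through `*(sdata++)` before any comparison with `size`. If nothing earlier in those functions guarantees `size >= 2` (respectively `size >= 1`), that read runs past the extension data, which is worth confirming. Both enclosing functions start and end outside the hunks shown.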
@ -1065,7 +1066,8 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
unsigned char *sdata = data; unsigned char *sdata = data;
int ecpointformatlist_length = *(sdata++); int ecpointformatlist_length = *(sdata++);
if (ecpointformatlist_length != size - 1) if (ecpointformatlist_length != size - 1 ||
ecpointformatlist_length < 1)
{ {
*al = TLS1_AD_DECODE_ERROR; *al = TLS1_AD_DECODE_ERROR;
return 0; return 0;