Don't crash when processing a zero-length, TLS >= 1.1 record.
The previous CBC patch was bugged in that there was a path through enc()
in s3_pkt.c/d1_pkt.c which didn't set orig_len. orig_len would be left
at the previous value which could suggest that the packet was a
sufficient length when it wasn't.
(cherry picked from commit 6cb19b7681)
(cherry picked from commit 2c948c1bb218f4ae126e14fd3453d42c62b93235)
Conflicts:
ssl/s3_enc.c
This commit is contained in:
Ben Laurie
committed by
Dr. Stephen Henson
Dr. Stephen Henson
parent
2928cb4c82
commit
b3a959a337
10
ssl/s3_enc.c
10
ssl/s3_enc.c
@@ -433,6 +433,15 @@ void ssl3_cleanup_key_block(SSL *s)
|
||||
s->s3->tmp.key_block_length=0;
|
||||
}
|
||||
|
||||
/* ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
|
||||
*
|
||||
* Returns:
|
||||
* 0: (in non-constant time) if the record is publically invalid (i.e. too
|
||||
* short etc).
|
||||
* 1: if the record's padding is valid / the encryption was successful.
|
||||
* -1: if the record's padding is invalid or, if sending, an internal error
|
||||
* occured.
|
||||
*/
|
||||
int ssl3_enc(SSL *s, int send)
|
||||
{
|
||||
SSL3_RECORD *rec;
|
||||
@@ -503,6 +512,7 @@ int ssl3_enc(SSL *s, int send)
|
||||
|
||||
if (s->read_hash != NULL)
|
||||
mac_size = EVP_MD_size(s->read_hash);
|
||||
|
||||
if ((bs != 1) && !send)
|
||||
return ssl3_cbc_remove_padding(s, rec, bs, mac_size);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user