diff options
author | Matt Caswell <matt@openssl.org> | 2017-02-08 09:33:44 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-02-08 11:41:45 +0000 |
commit | 18b3a80a5fd368f59c322fbb16b7dc92c1f11efa (patch) | |
tree | 93b9883fc6928ff1ae5eb90ec5eebda3bdc6f339 /ssl/record/ssl3_record_tls13.c | |
parent | 21d94d44246bfe2c220bc3b219443ccaedce308d (diff) |
Fix crash in tls13_enc
If s->s3->tmp.new_cipher is NULL then a crash can occur. This can happen
if an alert gets sent after version negotiation (i.e. we have selected
TLSv1.3 and ended up in tls13_enc), but before a ciphersuite has been
selected.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2575)
Diffstat (limited to 'ssl/record/ssl3_record_tls13.c')
-rw-r--r-- | ssl/record/ssl3_record_tls13.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c index 9dc7075cc2..d96a042ff9 100644 --- a/ssl/record/ssl3_record_tls13.c +++ b/ssl/record/ssl3_record_tls13.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#include <assert.h> #include "../ssl_locl.h" #include "record_locl.h" @@ -29,7 +30,7 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send) unsigned char *seq; int lenu, lenf; SSL3_RECORD *rec = &recs[0]; - uint32_t alg_enc = s->s3->tmp.new_cipher->algorithm_enc; + uint32_t alg_enc; if (n_recs != 1) { /* Should not happen */ @@ -52,8 +53,18 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send) rec->input = rec->data; return 1; } + ivlen = EVP_CIPHER_CTX_iv_length(ctx); + /* + * To get here we must have selected a ciphersuite - otherwise ctx would + * be NULL + */ + assert(s->s3->tmp.new_cipher != NULL); + if (s->s3->tmp.new_cipher == NULL) + return -1; + alg_enc = s->s3->tmp.new_cipher->algorithm_enc; + if (alg_enc & SSL_AESCCM) { if (alg_enc & (SSL_AES128CCM8 | SSL_AES256CCM8)) taglen = EVP_CCM8_TLS_TAG_LEN; |