diff options
| author | Ben Laurie <ben@links.org> | 2013-01-28 17:33:18 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2013-02-06 13:56:13 +0000 |
| commit | e0da2c2ed29a3a66c22e6a8a5072b58399835d71 (patch) | |
| tree | ff98d5b081657a30e40b857a17809083654f2391 /ssl/s3_enc.c | |
| parent | fb0a59cc58e69203b1269d5f1c355f4944a8b350 (diff) | |
Don't crash when processing a zero-length, TLS >= 1.1 record.
The previous CBC patch was bugged in that there was a path through enc()
in s3_pkt.c/d1_pkt.c which didn't set orig_len. orig_len would be left
at the previous value which could suggest that the packet was a
sufficient length when it wasn't.
(cherry picked from commit 6cb19b7681f600b2f165e4adc57547b097b475fd)
Diffstat (limited to 'ssl/s3_enc.c')
| -rw-r--r-- | ssl/s3_enc.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 13ebfc6996..98f3894954 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -487,6 +487,15 @@ void ssl3_cleanup_key_block(SSL *s) s->s3->tmp.key_block_length=0; } +/* ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. + * + * Returns: + * 0: (in non-constant time) if the record is publically invalid (i.e. too + * short etc). + * 1: if the record's padding is valid / the encryption was successful. + * -1: if the record's padding is invalid or, if sending, an internal error + * occured. + */ int ssl3_enc(SSL *s, int send) { SSL3_RECORD *rec; @@ -553,8 +562,6 @@ int ssl3_enc(SSL *s, int send) EVP_Cipher(ds,rec->data,rec->input,l); - rec->orig_len = rec->length; - if (EVP_MD_CTX_md(s->read_hash) != NULL) mac_size = EVP_MD_CTX_size(s->read_hash); if ((bs != 1) && !send) |