Implement known-IV countermeasure.

Fix length checks in ssl3_get_client_hello(). Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
author: Bodo Möller <bodo@openssl.org> 2002-04-13 22:47:20 +0000
committer: Bodo Möller <bodo@openssl.org> 2002-04-13 22:47:20 +0000
commit: 82b0bf0b8792bdc113cadc04a1f9d40f0e0cfbfc (patch)
tree: 708f5e5cb06a863a90c9742071bae98310b5b980 /ssl/s3_srvr.c
parent: 3a7cef3e76aae1ef0d03f50b9e7ebcdf41b30c90 (diff)
1 files changed, 9 insertions, 2 deletions
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index d6247a64ea..99b6a86983 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -727,7 +727,7 @@ static int ssl3_get_client_hello(SSL *s)
 		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
 		goto f_err;
 		}
-	if ((i+p) > (d+n))
+	if ((p+i) >= (d+n))
 		{
 		/* not enough data */
 		al=SSL_AD_DECODE_ERROR;
@@ -784,6 +784,13 @@ static int ssl3_get_client_hello(SSL *s)
 
 	/* compression */
 	i= *(p++);
+	if ((p+i) > (d+n))
+		{
+		/* not enough data */
+		al=SSL_AD_DECODE_ERROR;
+		SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+		goto f_err;
+		}
 	q=p;
 	for (j=0; j<i; j++)
 		{
@@ -831,7 +838,7 @@ static int ssl3_get_client_hello(SSL *s)
 	/* TLS does not mind if there is extra stuff */
 	if (s->version == SSL3_VERSION)
 		{
-		if (p > (d+n))
+		if (p < (d+n))
 			{
 			/* wrong number of bytes,
 			 * there could be more to follow */
author	Bodo Möller <bodo@openssl.org>	2002-04-13 22:47:20 +0000
committer	Bodo Möller <bodo@openssl.org>	2002-04-13 22:47:20 +0000
commit	82b0bf0b8792bdc113cadc04a1f9d40f0e0cfbfc (patch)
tree	708f5e5cb06a863a90c9742071bae98310b5b980 /ssl/s3_srvr.c
parent	3a7cef3e76aae1ef0d03f50b9e7ebcdf41b30c90 (diff)