diff options
author | Ben Laurie <ben@links.org> | 2013-09-20 14:39:33 +0100 |
---|---|---|
committer | Trevor Perrin <unsafe@trevp.net> | 2013-09-20 15:39:08 -0700 |
commit | 4f8a706dc7eae6e775f153f6629a1bbd9e134499 (patch) | |
tree | 51a73344690c62690b81e3f90d94b837fcbdb4e0 /ssl | |
parent | 7560f63909bdb1baa751eadc7538e44f27c3f731 (diff) |
Merge remote-tracking branch 'trevp/pemfix' into trev-pem-fix
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_rsa.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 2837624ae9..57a2d846a7 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -1206,6 +1206,7 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) long extension_length = 0; char* name = NULL; char* header = NULL; + char namePrefix[] = "SERVERINFO FOR "; int ret = 0; BIO *bin = NULL; size_t num_extensions = 0; @@ -1241,11 +1242,22 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file) else /* End of file, we're done */ break; } + /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */ + if (strlen(name) < strlen(namePrefix)) + { + SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PEM_LIB); + goto end; + } + if (strncmp(name, namePrefix, strlen(namePrefix)) != 0) + { + SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PEM_LIB); + goto end; + } /* Check that the decoded PEM data is plausible (valid length field) */ if (extension_length < 4 || (extension[2] << 8) + extension[3] != extension_length - 4) { - SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PEM_LIB); - goto end; + SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_PEM_LIB); + goto end; } /* Append the decoded extension to the serverinfo buffer */ serverinfo = OPENSSL_realloc(serverinfo, serverinfo_length + extension_length); |