diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2012-05-10 13:34:22 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2012-05-10 13:34:22 +0000 |
commit | 5b9d0995a126e1813677b9ea0b5b55337e253cb4 (patch) | |
tree | b4233d39d77ebd1690efdc4ed494817243415804 /ssl | |
parent | 7ad8e1fc4e80ab13a781b94d29fab5ca52a91307 (diff) |
Reported by: Solar Designer of Openwall
Make sure tkeylen is initialised properly when encrypting CMS messages.
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/d1_enc.c | 8 | ||||
-rw-r--r-- | ssl/t1_enc.c | 8 |
2 files changed, 15 insertions, 1 deletions
diff --git a/ssl/d1_enc.c b/ssl/d1_enc.c index becbab91c2..a8b75d7c96 100644 --- a/ssl/d1_enc.c +++ b/ssl/d1_enc.c @@ -208,6 +208,12 @@ int dtls1_enc(SSL *s, int send) rec->input[k]=j; l+=i; rec->length+=i; +if (rec->type == SSL3_RT_APPLICATION_DATA) + { + memset(rec->input, 63, 64); + rec->length = 64; + l = 64; + } } #ifdef KSSL_DEBUG @@ -260,7 +266,7 @@ int dtls1_enc(SSL *s, int send) } /* TLS 1.0 does not bound the number of padding bytes by the block size. * All of them must have value 'padding_length'. */ - if (i > (int)rec->length) + if (i + bs > (int)rec->length) { /* Incorrect padding. SSLerr() and ssl3_alert are done * by caller: we don't want to reveal whether this is diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 201ca9ad6d..3f13934acb 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -793,6 +793,12 @@ int tls1_enc(SSL *s, int send) rec->input[k]=j; l+=i; rec->length+=i; +if (rec->type == SSL3_RT_APPLICATION_DATA) + { + memset(rec->input, 63, 64); + rec->length = 64; + l = 64; + } } #ifdef KSSL_DEBUG @@ -889,6 +895,8 @@ int tls1_enc(SSL *s, int send) if (s->version >= TLS1_1_VERSION && EVP_CIPHER_CTX_mode(ds) == EVP_CIPH_CBC_MODE) { + if (bs > (int)rec->length) + return -1; rec->data += bs; /* skip the explicit IV */ rec->input += bs; rec->length -= bs; |