From e0da2c2ed29a3a66c22e6a8a5072b58399835d71 Mon Sep 17 00:00:00 2001
From: Ben Laurie <ben@links.org>
Date: Mon, 28 Jan 2013 17:33:18 +0000
Subject: Don't crash when processing a zero-length, TLS >= 1.1 record.

The previous CBC patch was bugged in that there was a path through enc()
in s3_pkt.c/d1_pkt.c which didn't set orig_len. orig_len would be left
at the previous value which could suggest that the packet was a
sufficient length when it wasn't.
(cherry picked from commit 6cb19b7681f600b2f165e4adc57547b097b475fd)
---
 ssl/s3_enc.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'ssl/s3_enc.c')

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 13ebfc6996..98f3894954 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -487,6 +487,15 @@ void ssl3_cleanup_key_block(SSL *s)
 	s->s3->tmp.key_block_length=0;
 	}
 
+/* ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+ *
+ * Returns:
+ *   0: (in non-constant time) if the record is publically invalid (i.e. too
+ *       short etc).
+ *   1: if the record's padding is valid / the encryption was successful.
+ *   -1: if the record's padding is invalid or, if sending, an internal error
+ *       occured.
+ */
 int ssl3_enc(SSL *s, int send)
 	{
 	SSL3_RECORD *rec;
@@ -553,8 +562,6 @@ int ssl3_enc(SSL *s, int send)
 		
 		EVP_Cipher(ds,rec->data,rec->input,l);
 
-		rec->orig_len = rec->length;
-
 		if (EVP_MD_CTX_md(s->read_hash) != NULL)
 			mac_size = EVP_MD_CTX_size(s->read_hash);
 		if ((bs != 1) && !send)
-- 
cgit v1.2.3