1 # The patch is based on the following commit from the upstream: |
|
2 # https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7 |
|
3 # The fix is patched until the new version becomes available |
|
4 # from the upstream. |
|
5 --- a/ssl/s3_srvr.c |
|
6 +++ b/ssl/s3_srvr.c |
|
7 @@ -1040,7 +1040,7 @@ int ssl3_get_client_hello(SSL *s) |
|
8 |
|
9 session_length = *(p + SSL3_RANDOM_SIZE); |
|
10 |
|
11 - if (p + SSL3_RANDOM_SIZE + session_length + 1 >= d + n) { |
|
12 + if (SSL3_RANDOM_SIZE + session_length + 1 >= (d + n) - p) { |
|
13 al = SSL_AD_DECODE_ERROR; |
|
14 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); |
|
15 goto f_err; |
|
16 @@ -1058,7 +1058,7 @@ int ssl3_get_client_hello(SSL *s) |
|
17 /* get the session-id */ |
|
18 j = *(p++); |
|
19 |
|
20 - if (p + j > d + n) { |
|
21 + if ((d + n) - p < j) { |
|
22 al = SSL_AD_DECODE_ERROR; |
|
23 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); |
|
24 goto f_err; |
|
25 @@ -1114,14 +1114,14 @@ int ssl3_get_client_hello(SSL *s) |
|
26 |
|
27 if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) { |
|
28 /* cookie stuff */ |
|
29 - if (p + 1 > d + n) { |
|
30 + if ((d + n) - p < 1) { |
|
31 al = SSL_AD_DECODE_ERROR; |
|
32 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); |
|
33 goto f_err; |
|
34 } |
|
35 cookie_len = *(p++); |
|
36 |
|
37 - if (p + cookie_len > d + n) { |
|
38 + if ((d + n ) - p < cookie_len) { |
|
39 al = SSL_AD_DECODE_ERROR; |
|
40 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); |
|
41 goto f_err; |
|
42 @@ -1166,7 +1166,7 @@ int ssl3_get_client_hello(SSL *s) |
|
43 p += cookie_len; |
|
44 } |
|
45 |
|
46 - if (p + 2 > d + n) { |
|
47 + if ((d + n ) - p < 2) { |
|
48 al = SSL_AD_DECODE_ERROR; |
|
49 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); |
|
50 goto f_err; |
|
51 @@ -1180,7 +1180,7 @@ int ssl3_get_client_hello(SSL *s) |
|
52 } |
|
53 |
|
54 /* i bytes of cipher data + 1 byte for compression length later */ |
|
55 - if ((p + i + 1) > (d + n)) { |
|
56 + if ((d + n) - p < i + 1) { |
|
57 /* not enough data */ |
|
58 al = SSL_AD_DECODE_ERROR; |
|
59 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); |
|
60 @@ -1246,7 +1246,7 @@ int ssl3_get_client_hello(SSL *s) |
|
61 |
|
62 /* compression */ |
|
63 i = *(p++); |
|
64 - if ((p + i) > (d + n)) { |
|
65 + if ((d + n) - p < i) { |
|
66 /* not enough data */ |
|
67 al = SSL_AD_DECODE_ERROR; |
|
68 SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH); |
|
69 --- a/ssl/ssl_sess.c |
|
70 +++ b/ssl/ssl_sess.c |
|
71 @@ -602,7 +602,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, |
|
72 int r; |
|
73 #endif |
|
74 |
|
75 - if (session_id + len > limit) { |
|
76 + if (limit - session_id < len) { |
|
77 fatal = 1; |
|
78 goto err; |
|
79 } |
|
80 --- a/ssl/t1_lib.c |
|
81 +++ b/ssl/t1_lib.c |
|
82 @@ -942,11 +942,11 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, |
|
83 0x02, 0x03, /* SHA-1/ECDSA */ |
|
84 }; |
|
85 |
|
86 - if (data >= (limit - 2)) |
|
87 + if (limit - data <= 2) |
|
88 return; |
|
89 data += 2; |
|
90 |
|
91 - if (data > (limit - 4)) |
|
92 + if (limit - data < 4) |
|
93 return; |
|
94 n2s(data, type); |
|
95 n2s(data, size); |
|
96 @@ -954,7 +954,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, |
|
97 if (type != TLSEXT_TYPE_server_name) |
|
98 return; |
|
99 |
|
100 - if (data + size > limit) |
|
101 + if (limit - data < size) |
|
102 return; |
|
103 data += size; |
|
104 |
|
105 @@ -962,7 +962,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, |
|
106 const size_t len1 = sizeof(kSafariExtensionsBlock); |
|
107 const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock); |
|
108 |
|
109 - if (data + len1 + len2 != limit) |
|
110 + if (limit - data != (int)(len1 + len2)) |
|
111 return; |
|
112 if (memcmp(data, kSafariExtensionsBlock, len1) != 0) |
|
113 return; |
|
114 @@ -971,7 +971,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data, |
|
115 } else { |
|
116 const size_t len = sizeof(kSafariExtensionsBlock); |
|
117 |
|
118 - if (data + len != limit) |
|
119 + if (limit - data != (int)(len)) |
|
120 return; |
|
121 if (memcmp(data, kSafariExtensionsBlock, len) != 0) |
|
122 return; |
|
123 @@ -1019,19 +1019,19 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, |
|
124 if (data == limit) |
|
125 goto ri_check; |
|
126 |
|
127 - if (data > (limit - 2)) |
|
128 + if (limit - data < 2) |
|
129 goto err; |
|
130 |
|
131 n2s(data, len); |
|
132 |
|
133 - if (data + len != limit) |
|
134 + if (limit - data != len) |
|
135 goto err; |
|
136 |
|
137 - while (data <= (limit - 4)) { |
|
138 + while (limit - data >= 4) { |
|
139 n2s(data, type); |
|
140 n2s(data, size); |
|
141 |
|
142 - if (data + size > (limit)) |
|
143 + if (limit - data < size) |
|
144 goto err; |
|
145 # if 0 |
|
146 fprintf(stderr, "Received extension type %d size %d\n", type, size); |
|
147 @@ -1460,20 +1460,20 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, |
|
148 SSL_TLSEXT_HB_DONT_SEND_REQUESTS); |
|
149 # endif |
|
150 |
|
151 - if (data >= (d + n - 2)) |
|
152 + if ((d + n) - data <= 2) |
|
153 goto ri_check; |
|
154 |
|
155 n2s(data, length); |
|
156 - if (data + length != d + n) { |
|
157 + if ((d + n) - data != length) { |
|
158 *al = SSL_AD_DECODE_ERROR; |
|
159 return 0; |
|
160 } |
|
161 |
|
162 - while (data <= (d + n - 4)) { |
|
163 + while ((d + n) - data >= 4) { |
|
164 n2s(data, type); |
|
165 n2s(data, size); |
|
166 |
|
167 - if (data + size > (d + n)) |
|
168 + if ((d + n) - data < size) |
|
169 goto ri_check; |
|
170 |
|
171 if (s->tlsext_debug_cb) |
|
172 @@ -2179,29 +2179,33 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, |
|
173 /* Skip past DTLS cookie */ |
|
174 if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) { |
|
175 i = *(p++); |
|
176 - p += i; |
|
177 - if (p >= limit) |
|
178 + |
|
179 + if (limit - p <= i) |
|
180 return -1; |
|
181 + |
|
182 + p += i; |
|
183 } |
|
184 /* Skip past cipher list */ |
|
185 n2s(p, i); |
|
186 - p += i; |
|
187 - if (p >= limit) |
|
188 + if (limit - p <= i) |
|
189 return -1; |
|
190 + p += i; |
|
191 + |
|
192 /* Skip past compression algorithm list */ |
|
193 i = *(p++); |
|
194 - p += i; |
|
195 - if (p > limit) |
|
196 + if (limit - p < i) |
|
197 return -1; |
|
198 + p += i; |
|
199 + |
|
200 /* Now at start of extensions */ |
|
201 - if ((p + 2) >= limit) |
|
202 + if (limit - p <= 2) |
|
203 return 0; |
|
204 n2s(p, i); |
|
205 - while ((p + 4) <= limit) { |
|
206 + while (limit - p >= 4) { |
|
207 unsigned short type, size; |
|
208 n2s(p, type); |
|
209 n2s(p, size); |
|
210 - if (p + size > limit) |
|
211 + if (limit - p < size) |
|
212 return 0; |
|
213 if (type == TLSEXT_TYPE_session_ticket) { |
|
214 int r; |
|