ssl/statem: Replace size_t with int and add the checks

author Jiasheng Jiang <jiasheng@purdue.edu>

Fri, 22 Mar 2024 16:00:39 +0000 (16:00 +0000)

committer Tomas Mraz <tomas@openssl.org>

Fri, 26 Apr 2024 07:28:55 +0000 (09:28 +0200)
author Jiasheng Jiang <jiasheng@purdue.edu>
Fri, 22 Mar 2024 16:00:39 +0000 (16:00 +0000)
committer Tomas Mraz <tomas@openssl.org>
Fri, 26 Apr 2024 07:28:55 +0000 (09:28 +0200)
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c

index 77fe629132daa903b0bb92c25704079e902f9383..ef51c61ef3c99d259df6aa6c3bfba3e3f6ca1435 100644 (file)
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -979,8 +979,12 @@ EXT_RETURN tls_construct_ctos_padding(SSL_CONNECTION *s, WPACKET *pkt,
               * Add the fixed PSK overhead, the identity length and the binder
               * length.
               */
+            int md_size = EVP_MD_get_size(md);
+
+            if (md_size <= 0)
+                return EXT_RETURN_FAIL;
              hlen +=  PSK_PRE_BINDER_OVERHEAD + s->session->ext.ticklen
-                     + EVP_MD_get_size(md);
+                     + md_size;
          }
      }
  
@@ -1019,7 +1023,8 @@ EXT_RETURN tls_construct_ctos_psk(SSL_CONNECTION *s, WPACKET *pkt,
  {
  #ifndef OPENSSL_NO_TLS1_3
      uint32_t agesec, agems = 0;
-    size_t reshashsize = 0, pskhashsize = 0, binderoffset, msglen;
+    size_t binderoffset, msglen;
+    int reshashsize = 0, pskhashsize = 0;
      unsigned char *resbinder = NULL, *pskbinder = NULL, *msgstart = NULL;
      const EVP_MD *handmd = NULL, *mdres = NULL, *mdpsk = NULL;
      int dores = 0;
@@ -1115,6 +1120,8 @@ EXT_RETURN tls_construct_ctos_psk(SSL_CONNECTION *s, WPACKET *pkt,
          agems += s->session->ext.tick_age_add;
  
          reshashsize = EVP_MD_get_size(mdres);
+        if (reshashsize <= 0)
+            goto dopsksess;
          s->ext.tick_identity++;
          dores = 1;
      }
@@ -1144,6 +1151,10 @@ EXT_RETURN tls_construct_ctos_psk(SSL_CONNECTION *s, WPACKET *pkt,
          }
  
          pskhashsize = EVP_MD_get_size(mdpsk);
+        if (pskhashsize <= 0) {
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_BAD_PSK);
+            return EXT_RETURN_FAIL;
+        }
      }
  
      /* Create the extension, but skip over the binder for now */
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c

index 21db977c88f3d396a911643f575e4b8cfb0b2a12..2962a0bdcd31625c91a09e8f395426aab4c484e5 100644 (file)
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -1020,7 +1020,8 @@ int tls_parse_ctos_psk(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
                         X509 *x, size_t chainidx)
  {
      PACKET identities, binders, binder;
-    size_t binderoffset, hashsize;
+    size_t binderoffset;
+    int hashsize;
      SSL_SESSION *sess = NULL;
      unsigned int id, i, ext = 0;
      const EVP_MD *md = NULL;
@@ -1221,6 +1222,8 @@ int tls_parse_ctos_psk(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
  
      binderoffset = PACKET_data(pkt) - (const unsigned char *)s->init_buf->data;
      hashsize = EVP_MD_get_size(md);
+    if (hashsize <= 0)
+        goto err;
  
      if (!PACKET_get_length_prefixed_2(pkt, &binders)) {
          SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION);
@@ -1234,7 +1237,7 @@ int tls_parse_ctos_psk(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
          }
      }
  
-    if (PACKET_remaining(&binder) != hashsize) {
+    if (PACKET_remaining(&binder) != (size_t)hashsize) {
          SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_EXTENSION);
          goto err;
      }
author	Jiasheng Jiang <jiasheng@purdue.edu>
	Fri, 22 Mar 2024 16:00:39 +0000 (16:00 +0000)
committer	Tomas Mraz <tomas@openssl.org>
	Fri, 26 Apr 2024 07:28:55 +0000 (09:28 +0200)
ssl/statem/extensions_clnt.c		patch \| blob \| history
ssl/statem/extensions_srvr.c		patch \| blob \| history