X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=ssl%2Fs3_pkt.c;h=9a1d65d8cbbbf12d7673bbc1b2dcb6b876ed4523;hb=4e64f671c97650b060f20b6d930a88f1a2a306f7;hp=93778d15a3a65253fcb4c9842d8f416b50835ee7;hpb=f1f7598ce9ab2d0816d02ea7fa26bff1f3bb3707;p=openssl.git diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 93778d15a3..9a1d65d8cb 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -110,6 +110,7 @@ */ #include +#include #include #define USE_SOCKETS #include "ssl_locl.h" @@ -642,8 +643,16 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) #endif SSL3_BUFFER *wb=&(s->s3->wbuf); int i; + unsigned int u_len = (unsigned int)len; + + if (len < 0) + { + SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_NEGATIVE_LENGTH); + return -1; + } s->rwstate=SSL_NOTHING; + OPENSSL_assert(s->s3->wnum <= INT_MAX); tot=s->s3->wnum; s->s3->wnum=0; @@ -658,6 +667,21 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) } } + /* ensure that if we end up with a smaller value of data to write + * out than the the original len from a write which didn't complete + * for non-blocking I/O and also somehow ended up avoiding + * the check for this in ssl3_write_pending/SSL_R_BAD_WRITE_RETRY as + * it must never be possible to end up with (len-tot) as a large + * number that will then promptly send beyond the end of the users + * buffer ... so we trap and report the error in a way the user + * will notice + */ + if (len < tot) + { + SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_BAD_LENGTH); + return(-1); + } + /* first check if there is a SSL3_BUFFER still being written * out. This will happen with non blocking IO */ if (wb->left != 0) @@ -680,7 +704,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) * compromise is considered worthy. */ if (type==SSL3_RT_APPLICATION_DATA && - len >= 4*(max_send_fragment=s->max_send_fragment) && + u_len >= 4*(max_send_fragment=s->max_send_fragment) && s->compress==NULL && s->msg_callback==NULL && !SSL_USE_ETM(s) && SSL_USE_EXPLICIT_IV(s) && EVP_CIPHER_flags(s->enc_write_ctx->cipher)&EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) @@ -690,7 +714,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) int packlen; /* minimize address aliasing conflicts */ - if ((max_send_fragment&0xffff) == 0) + if ((max_send_fragment&0xfff) == 0) max_send_fragment -= 512; if (tot==0 || wb->buf==NULL) /* allocate jumbo buffer */ @@ -701,7 +725,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE, max_send_fragment,NULL); - if (len>=8*max_send_fragment) packlen *= 8; + if (u_len >= 8*max_send_fragment) packlen *= 8; else packlen *= 4; wb->buf=OPENSSL_malloc(packlen); @@ -753,7 +777,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) EVP_CTRL_TLS1_1_MULTIBLOCK_AAD, sizeof(mb_param),&mb_param); - if (packlen<=0 || packlen>wb->len) /* never happens */ + if (packlen<=0 || packlen>(int)wb->len) /* never happens */ { OPENSSL_free(wb->buf); /* free jumbo buffer */ wb->buf = NULL; @@ -764,9 +788,10 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) mb_param.inp = &buf[tot]; mb_param.len = nw; - EVP_CIPHER_CTX_ctrl(s->enc_write_ctx, - EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT, - sizeof(mb_param),&mb_param); + if (EVP_CIPHER_CTX_ctrl(s->enc_write_ctx, + EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT, + sizeof(mb_param),&mb_param)<=0) + return -1; s->s3->write_sequence[7] += mb_param.interleave; if (s->s3->write_sequence[7] < mb_param.interleave) @@ -815,6 +840,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) return tot; } + n=(len-tot); for (;;) { @@ -863,9 +889,6 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, SSL3_BUFFER *wb=&(s->s3->wbuf); SSL_SESSION *sess; - if (wb->buf == NULL) - if (!ssl3_setup_write_buffer(s)) - return -1; /* first check if there is a SSL3_BUFFER still being written * out. This will happen with non blocking IO */ @@ -881,6 +904,10 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, /* if it went, fall through and send more stuff */ } + if (wb->buf == NULL) + if (!ssl3_setup_write_buffer(s)) + return -1; + if (len == 0 && !create_empty_fragment) return 0; @@ -1227,7 +1254,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) if (!ssl3_setup_read_buffer(s)) return(-1); - if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) || + if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE)) || (peek && (type != SSL3_RT_APPLICATION_DATA))) { SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR); @@ -1333,7 +1360,7 @@ start: { s->rstate=SSL_ST_READ_HEADER; rr->off=0; - if (s->mode & SSL_MODE_RELEASE_BUFFERS) + if (s->mode & SSL_MODE_RELEASE_BUFFERS && s->s3->rbuf.left == 0) ssl3_release_read_buffer(s); } } @@ -1575,6 +1602,15 @@ start: goto f_err; } + if (!(s->s3->flags & SSL3_FLAGS_CCS_OK)) + { + al=SSL_AD_UNEXPECTED_MESSAGE; + SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_CCS_RECEIVED_EARLY); + goto f_err; + } + + s->s3->flags &= ~SSL3_FLAGS_CCS_OK; + rr->length=0; if (s->msg_callback) @@ -1709,7 +1745,7 @@ int ssl3_do_change_cipher_spec(SSL *s) if (s->s3->tmp.key_block == NULL) { - if (s->session == NULL) + if (s->session == NULL || s->session->master_key_length == 0) { /* might happen if dtls1_read_bytes() calls this */ SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY); @@ -1757,7 +1793,7 @@ int ssl3_send_alert(SSL *s, int level, int desc) desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have protocol_version alerts */ if (desc < 0) return -1; /* If a fatal one, remove from cache */ - if ((level == 2) && (s->session != NULL)) + if ((level == SSL3_AL_FATAL) && (s->session != NULL)) SSL_CTX_remove_session(s->ctx,s->session); s->s3->alert_dispatch=1;