TLSv1.3 alert and handshake messages can never be 0 length

author Matt Caswell <matt@openssl.org>

Thu, 11 May 2017 09:34:25 +0000 (10:34 +0100)

committer Matt Caswell <matt@openssl.org>

Thu, 11 May 2017 12:13:04 +0000 (13:13 +0100)
author Matt Caswell <matt@openssl.org>
Thu, 11 May 2017 09:34:25 +0000 (10:34 +0100)
committer Matt Caswell <matt@openssl.org>
Thu, 11 May 2017 12:13:04 +0000 (13:13 +0100)
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c

index 4b36f49b6d5f34982abc4152b9efa5bc7fe876d3..aea52fd7fae9f31a096e7347d9c6da3138adbc44 100644 (file)
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -644,6 +644,15 @@ int ssl3_get_record(SSL *s)
                                  &thisrr->data[end], 1, s, s->msg_callback_arg);
          }
  
+        if (SSL_IS_TLS13(s)
+                && (thisrr->type == SSL3_RT_HANDSHAKE
+                    || thisrr->type == SSL3_RT_ALERT)
+                && thisrr->length == 0) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BAD_LENGTH);
+            goto f_err;
+        }
+
          if (thisrr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
              al = SSL_AD_RECORD_OVERFLOW;
              SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG);
author	Matt Caswell <matt@openssl.org>
	Thu, 11 May 2017 09:34:25 +0000 (10:34 +0100)
committer	Matt Caswell <matt@openssl.org>
	Thu, 11 May 2017 12:13:04 +0000 (13:13 +0100)