git.openssl.org Git - openssl.git/commit

author	Peter Kaestle <peter.kaestle@nokia.com>
	Mon, 15 Mar 2021 12:19:56 +0000 (13:19 +0100)
committer	Matt Caswell <matt@openssl.org>
	Thu, 25 Mar 2021 09:48:08 +0000 (09:48 +0000)
commit	02b1636fe3db274497304a3e95a4e32ced7e841b
tree	72f1fa7eb036d2b429394c3b3c52240fc7a5de1e	tree \| snapshot
parent	112580c27b829b0ac0874d5c5787195f27c7952c	commit \| diff

ssl sigalg extension: fix NULL pointer dereference

As the variable peer_sigalgslen is not cleared on ssl rehandshake, it's
possible to crash an openssl tls secured server remotely by sending a
manipulated hello message in a rehandshake.

On such a manipulated rehandshake, tls1_set_shared_sigalgs() calls
tls12_shared_sigalgs() with the peer_sigalgslen of the previous
handshake, while the peer_sigalgs has been freed.
As a result tls12_shared_sigalgs() walks over the available
peer_sigalgs and tries to access data of a NULL pointer.

This issue was introduced by c589c34e61 (Add support for the TLS 1.3
signature_algorithms_cert extension, 2018-01-11).

Signed-off-by: Peter Kästle <peter.kaestle@nokia.com>
Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com>
CVE-2021-3449

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>