Fix crash in dtls1_get_record whilst in the listen state where you get two

separate reads performed - one for the header and one for the body of the
handshake record.

CVE-2014-3571

Reviewed-by: Matt Caswell <matt@openssl.org>

diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 208d244fce41cca8b217ff7a81c43cf18b519b79..9badc5e3f2d03a30c27b0c7b4d0f04f468412356 100644 (file)
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -645,8 +645,6 @@ again:
                /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
                i=rr->length;
                n=ssl3_read_n(s,i,i,1);
                /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
                i=rr->length;
                n=ssl3_read_n(s,i,i,1);

-               if (n <= 0) return(n); /* error or non-blocking io */
-

                /* this packet contained a partial record, dump it */
                if ( n != i)
                        {
                /* this packet contained a partial record, dump it */
                if ( n != i)
                        {

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 2de10d644efd46a9841b0d50b74f028716ce0a6a..3d8f821f92b9168f3c7b9504096e00de5ff32435 100644 (file)
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -197,6 +197,8 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
         * at once (as long as it fits into the buffer). */
        if (SSL_IS_DTLS(s))
                {
         * at once (as long as it fits into the buffer). */
        if (SSL_IS_DTLS(s))
                {

+               if (left == 0 && extend)
+                       return 0;

                if (left > 0 && n > left)
                        n = left;
                }
                if (left > 0 && n > left)
                        n = left;
                }