From: Matt Caswell Date: Fri, 1 Jul 2016 10:58:05 +0000 (+0100) Subject: Avoid an overflow in constructing the ServerKeyExchange message X-Git-Tag: OpenSSL_1_1_0-pre6~286 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=1e16987fc18cce9420dd3b76326b8d25746fa258 Avoid an overflow in constructing the ServerKeyExchange message We calculate the size required for the ServerKeyExchange message and then call BUF_MEM_grow_clean() on the buffer. However we fail to take account of 2 bytes required for the signature algorithm and 2 bytes for the signature length, i.e. we could overflow by 4 bytes. In reality this won't happen because the buffer is pre-allocated to a large size that means it should be big enough anyway. Addresses an OCAP Audit issue. Reviewed-by: Rich Salz --- diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index a88b3219ad..773591cd38 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1792,6 +1792,11 @@ int tls_construct_server_key_exchange(SSL *s) goto f_err; } kn = EVP_PKEY_size(pkey); + /* Allow space for signature algorithm */ + if (SSL_USE_SIGALGS(s)) + kn += 2; + /* Allow space for signature length */ + kn += 2; } else { pkey = NULL; kn = 0;