mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 16:55:43 +01:00
Fix possible buffer overflow with PSK
This commit is contained in:
parent
fdddac90a6
commit
b2bf5a1bbb
@ -25,10 +25,11 @@ Changes
|
||||
|
||||
Security
|
||||
* Forbid change of server certificate during renegotiation to prevent
|
||||
"triple handshake" attack when authentication mode is optional (the
|
||||
"triple handshake" attack when authentication mode is 'optional' (the
|
||||
attack was already impossible when authentication is required).
|
||||
* Check notBefore timestamp of certificates and CRLs from the future.
|
||||
* Forbid sequence number wrapping
|
||||
* Fix possible buffer overflow with overlong PSK
|
||||
|
||||
Bugfix
|
||||
* ecp_gen_keypair() does more tries to prevent failure because of
|
||||
|
@ -2455,7 +2455,7 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl,
|
||||
|
||||
ret = pk_decrypt( ssl_own_key( ssl ), p, len,
|
||||
pms, &ssl->handshake->pmslen,
|
||||
sizeof(ssl->handshake->premaster),
|
||||
sizeof( ssl->handshake->premaster ) - pms_offset,
|
||||
ssl->f_rng, ssl->p_rng );
|
||||
|
||||
if( ret != 0 || ssl->handshake->pmslen != 48 ||
|
||||
|
@ -916,6 +916,9 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex )
|
||||
}
|
||||
|
||||
/* opaque psk<0..2^16-1>; */
|
||||
if( end - p < 2 + (int) ssl->psk_len )
|
||||
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
*(p++) = (unsigned char)( ssl->psk_len >> 8 );
|
||||
*(p++) = (unsigned char)( ssl->psk_len );
|
||||
memcpy( p, ssl->psk, ssl->psk_len );
|
||||
@ -3784,6 +3787,14 @@ int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
|
||||
if( psk == NULL || psk_identity == NULL )
|
||||
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
/*
|
||||
* The length will be check later anyway, but in case it is obviously
|
||||
* too large, better abort now. The PMS is as follows:
|
||||
* other_len (2 bytes) + other + psk_len (2 bytes) + psk
|
||||
*/
|
||||
if( psk_len + 4 > POLARSSL_PREMASTER_SIZE )
|
||||
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
|
||||
|
||||
if( ssl->psk != NULL )
|
||||
{
|
||||
polarssl_free( ssl->psk );
|
||||
|
Loading…
Reference in New Issue
Block a user