Commit b2bf5a1b authored by Manuel Pégourié-Gonnard's avatar Manuel Pégourié-Gonnard Committed by Paul Bakker
Browse files

Fix possible buffer overflow with PSK

parent fdddac90
......@@ -25,10 +25,11 @@ Changes
Security
* Forbid change of server certificate during renegotiation to prevent
"triple handshake" attack when authentication mode is optional (the
"triple handshake" attack when authentication mode is 'optional' (the
attack was already impossible when authentication is required).
* Check notBefore timestamp of certificates and CRLs from the future.
* Forbid sequence number wrapping
* Fix possible buffer overflow with overlong PSK
Bugfix
* ecp_gen_keypair() does more tries to prevent failure because of
......
......@@ -2455,7 +2455,7 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl,
ret = pk_decrypt( ssl_own_key( ssl ), p, len,
pms, &ssl->handshake->pmslen,
sizeof(ssl->handshake->premaster),
sizeof( ssl->handshake->premaster ) - pms_offset,
ssl->f_rng, ssl->p_rng );
if( ret != 0 || ssl->handshake->pmslen != 48 ||
......
......@@ -916,6 +916,9 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex )
}
/* opaque psk<0..2^16-1>; */
if( end - p < 2 + (int) ssl->psk_len )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
*(p++) = (unsigned char)( ssl->psk_len >> 8 );
*(p++) = (unsigned char)( ssl->psk_len );
memcpy( p, ssl->psk, ssl->psk_len );
......@@ -3784,6 +3787,14 @@ int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len,
if( psk == NULL || psk_identity == NULL )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
/*
* The length will be check later anyway, but in case it is obviously
* too large, better abort now. The PMS is as follows:
* other_len (2 bytes) + other + psk_len (2 bytes) + psk
*/
if( psk_len + 4 > POLARSSL_PREMASTER_SIZE )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
if( ssl->psk != NULL )
{
polarssl_free( ssl->psk );
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment