TLS: Fix unsigned int underflow in internal TLS 1.0/1.1 implementation
Taking sizeof(ptr) is incorrect to determine size of passed in hash and results in hlen getting set to a very large value since MD5_MAC_LEN > sizeof(ptr). Provide the actual size of the hash buffer from the caller to fix this. tls_key_x_server_params_hash() callers src/tls/tlsv1_client_read.c and src/tls/tlsv1_server_write.c both pass in a large enough hash (hash[64] or hash[100]) that this does not appear to have an impact, though it is still wrong. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
This commit is contained in:
Glenn Strauss
Jouni Malinen
parent
802b67bced
commit
12f16c27ba
4 changed files with 9 additions and 5 deletions
|
|
@ -771,7 +771,8 @@ static int tlsv1_process_diffie_hellman(struct tlsv1_client *conn,
|
|||
hlen = tls_key_x_server_params_hash(
|
||||
conn->rl.tls_version, conn->client_random,
|
||||
conn->server_random, server_params,
|
||||
server_params_end - server_params, hash);
|
||||
server_params_end - server_params, hash,
|
||||
sizeof(hash));
|
||||
}
|
||||
|
||||
if (hlen < 0)
|
||||
|
|
|
|||
|
|
@ -378,7 +378,7 @@ int tlsv12_key_x_server_params_hash(u16 tls_version, u8 hash_alg,
|
|||
int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random,
|
||||
const u8 *server_random,
|
||||
const u8 *server_params,
|
||||
size_t server_params_len, u8 *hash)
|
||||
size_t server_params_len, u8 *hash, size_t hsz)
|
||||
{
|
||||
u8 *hpos;
|
||||
size_t hlen;
|
||||
|
|
@ -393,6 +393,8 @@ int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random,
|
|||
crypto_hash_update(ctx, server_random, TLS_RANDOM_LEN);
|
||||
crypto_hash_update(ctx, server_params, server_params_len);
|
||||
hlen = MD5_MAC_LEN;
|
||||
if (hsz < hlen)
|
||||
return -1;
|
||||
if (crypto_hash_finish(ctx, hash, &hlen) < 0)
|
||||
return -1;
|
||||
hpos += hlen;
|
||||
|
|
@ -403,7 +405,7 @@ int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random,
|
|||
crypto_hash_update(ctx, client_random, TLS_RANDOM_LEN);
|
||||
crypto_hash_update(ctx, server_random, TLS_RANDOM_LEN);
|
||||
crypto_hash_update(ctx, server_params, server_params_len);
|
||||
hlen = hash + sizeof(hash) - hpos;
|
||||
hlen = hsz - hlen;
|
||||
if (crypto_hash_finish(ctx, hpos, &hlen) < 0)
|
||||
return -1;
|
||||
hpos += hlen;
|
||||
|
|
|
|||
|
|
@ -267,7 +267,8 @@ int tlsv12_key_x_server_params_hash(u16 tls_version, u8 hash_Alg,
|
|||
int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random,
|
||||
const u8 *server_random,
|
||||
const u8 *server_params,
|
||||
size_t server_params_len, u8 *hash);
|
||||
size_t server_params_len,
|
||||
u8 *hash, size_t hsz);
|
||||
int tls_verify_signature(u16 tls_version, struct crypto_public_key *pk,
|
||||
const u8 *data, size_t data_len,
|
||||
const u8 *pos, size_t len, u8 *alert);
|
||||
|
|
|
|||
|
|
@ -620,7 +620,7 @@ static int tls_write_server_key_exchange(struct tlsv1_server *conn,
|
|||
hlen = tls_key_x_server_params_hash(
|
||||
conn->rl.tls_version, conn->client_random,
|
||||
conn->server_random, server_params,
|
||||
pos - server_params, hash);
|
||||
pos - server_params, hash, sizeof(hash));
|
||||
}
|
||||
|
||||
if (hlen < 0) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue