Fix potential bad read in parsing ServerHello

2025-01-23 23:01:10 +00:00 · 2014-10-23 14:58:09 +02:00 · 2014-10-23 14:58:09 +02:00 · 066c1f60bb
parent 6b44038913
commit 066c1f60bb
2 changed files with 15 additions and 2 deletions
--- a/4
+++ b/4
@ -7,6 +7,10 @@ Security
     (server is not affected if it doesn't ask for a client certificate).
     (Found using Codenomicon Defensics.)

+Bugfix
+   * Fix potential bad read in parsing ServerHello (found by Adrien
+     Vialletelle).
+
 Changes
   * X.509 certificates with more than one AttributeTypeAndValue per
     RelativeDistinguishedName are not accepted any more.
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -377,7 +377,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
 #endif
    int ret, i, comp;
    size_t n;
-    size_t ext_len = 0;
+    size_t ext_len;
    unsigned char *buf, *ext;
    int renegotiation_info_seen = 0;
    int handshake_failure = 0;
@ -464,7 +464,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
     *   42+n . 43+n  extensions length
     *   44+n . 44+n+m extensions
     */
-    if( ssl->in_hslen > 42 + n )
+    if( ssl->in_hslen > 43 + n )
    {
        ext_len = ( ( buf[42 + n] <<  8 )
                  | ( buf[43 + n]       ) );
@ -476,6 +476,15 @@ static int ssl_parse_server_hello( ssl_context *ssl )
            return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
        }
    }
+    else if( ssl->in_hslen == 42 + n )
+    {
+        ext_len = 0;
+    }
+    else
+    {
+        SSL_DEBUG_MSG( 1, ( "bad server hello message" ) );
+        return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }

    i = ( buf[39 + n] << 8 ) | buf[40 + n];
    comp = buf[41 + n];