Added max length checking of hostname

2025-03-23 05:35:14 +00:00 · 2015-09-29 23:27:20 +01:00 · 2015-09-29 23:27:20 +01:00 · c988f32add
parent 21823f9a69
commit c988f32add
2 changed files with 5 additions and 0 deletions
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@ -198,6 +198,8 @@
 #endif /* POLARSSL_SSL_PROTO_TLS1_1 */
 #endif /* POLARSSL_SSL_PROTO_TLS1_2 */

+#define SSL_MAX_HOST_NAME_LEN           255 /*!< Maximum host name defined in RFC 1035 */
+
 /* RFC 6066 section 4, see also mfl_code_to_length in ssl_tls.c
 * NONE must be zero so that memset()ing structure to zero works */
 #define SSL_MAX_FRAG_LEN_NONE           0   /*!< don't use this extension   */
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -4148,6 +4148,9 @@ int ssl_set_hostname( ssl_context *ssl, const char *hostname )
    if( ssl->hostname_len + 1 == 0 )
        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );

+    if( ssl->hostname_len > SSL_MAX_HOST_NAME_LEN )
+        return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+
    ssl->hostname = polarssl_malloc( ssl->hostname_len + 1 );

    if( ssl->hostname == NULL )