From fd1c5e84531a1cd705b8d72bd39e1dd7558c7786 Mon Sep 17 00:00:00 2001 From: Angus Gratton Date: Wed, 20 Jun 2018 15:43:50 +1000 Subject: [PATCH] Check for invalid short Alert messages (Short Change Cipher Spec & Handshake messages are already checked for.) --- ChangeLog | 2 ++ library/ssl_tls.c | 10 ++++++++++ 2 files changed, 12 insertions(+) diff --git a/ChangeLog b/ChangeLog index de3bfc2b6..ccaf1187c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -20,6 +20,8 @@ Bugfix seen when communicating with OpenSSL using TLS 1.0. Reported by @kFYatek (#1632) and by Conor Murphy on the forum. Fix contributed by Espressif Systems. + * Fail when receiving a TLS alert message with an invalid length, or invalid + zero-length messages when using TLS 1.2. Contributed by Espressif Systems. Changes * Change the shebang line in Perl scripts to look up perl in the PATH. diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 03600f87e..d5a702785 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4071,6 +4071,16 @@ read_record_header: if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT ) { + if( ssl->in_msglen != 2 ) + { + /* Note: Standard allows for more than one 2 byte alert + to be packed in a single message, but Mbed TLS doesn't + currently support this. */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %d", + ssl->in_msglen ) ); + return( MBEDTLS_ERR_SSL_INVALID_RECORD ); + } + MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]", ssl->in_msg[0], ssl->in_msg[1] ) );