author: jsing <jsing@openbsd.org> 2020-10-11 02:59:47 +0000
committer: jsing <jsing@openbsd.org> 2020-10-11 02:59:47 +0000
commit: ff7f34c78d5b28fde22a7a39ec1360721406e0bf (patch)
tree: 11fd10c5a53a4c18409b5eed04b91bbbfb22ad67
parent: No longer need to cast away const in srtp_find_profile_by_name()
Grow init_buf before stashing a handshake message for the legacy stack.

When transitioning from the TLSv1.3 stack to the legacy stack, grow init_buf before stashing the handshake message. The TLSv1.3 stack has already received the handshake message (potentially from multiple TLS records) and validated its size, however the default allocation is only for a single plaintext record, which can result in the handshake message failing to fit in certain cases.

Issue noted by tb@ via tlsfuzzer.

ok tb@
-rw-r--r-- lib/libssl/tls13_legacy.c 4
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/libssl/tls13_legacy.c b/lib/libssl/tls13_legacy.c
index 943e2db9a18..a9a7fff3e06 100644
--- a/lib/libssl/tls13_legacy.c
+++ b/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_legacy.c,v 1.16 2020/10/11 02:22:27 jsing Exp $ */
+/* $OpenBSD: tls13_legacy.c,v 1.17 2020/10/11 02:59:47 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -340,6 +340,8 @@ tls13_use_legacy_stack(struct tls13_ctx *ctx)
/* Stash the current handshake message. */
tls13_handshake_msg_data(ctx->hs_msg, &cbs);
+ if (!BUF_MEM_grow_clean(s->internal->init_buf, CBS_len(&cbs)))
+ goto err;
if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
s->internal->init_buf->length, NULL))
goto err;
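Review bot: The added `BUF_MEM_grow_clean(s->internal->init_buf, CBS_len(&cbs))` call sizes init_buf from the message length with no bound or explanation at the call site. The commit message says the TLSv1.3 stack has already validated the message size, so a short comment above the call stating that invariant would make it clear to a later reader why an uncapped grow is safe here. Two smaller points on the same lines: `BUF_MEM_grow_clean()` returns the new length on success, so the `!` test also takes the `err` path when `CBS_len(&cbs)` is 0, which is worth confirming cannot happen for a stashed handshake message; and since the failure was found with tlsfuzzer, a regress case with a handshake message spanning multiple records would keep this from regressing.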