diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2014-11-27 16:03:04 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2014-11-27 16:03:04 +0000 |
| commit | 6015b6fdb4381b1419594e78e222f569117b476b (patch) | |
| tree | 4f32f52311306b83dfcdf6f419b42c18178170f9 | |
| parent | 8850dadc19db6bc78baf50b1309aeef97d277668 (diff) | |
Avoid a NULL dereference in the DTLS client that can be triggered by a
crafted server response used in conjunction with an anonymous DH or
anonymous ECDH ciphersuite.
Fixes CVE-2014-3510, which is effectively a repeat of CVE-2014-3470 in
copied code.
Reported by Felix Groebert of the Google Security Team.
ok beck@ miod@
| -rw-r--r-- | lib/libssl/d1_clnt.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/libssl/d1_clnt.c b/lib/libssl/d1_clnt.c index 7f6e232128a..de5721851ef 100644 --- a/lib/libssl/d1_clnt.c +++ b/lib/libssl/d1_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_clnt.c,v 1.37 2014/11/16 14:12:47 jsing Exp $ */ +/* $OpenBSD: d1_clnt.c,v 1.38 2014/11/27 16:03:03 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -934,6 +934,14 @@ dtls1_send_client_key_exchange(SSL *s) alg_k = s->s3->tmp.new_cipher->algorithm_mkey; + if (s->session->sess_cert == NULL) { + ssl3_send_alert(s, SSL3_AL_FATAL, + SSL_AD_HANDSHAKE_FAILURE); + SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, + ERR_R_INTERNAL_ERROR); + goto err; + } + if (alg_k & SSL_kRSA) { RSA *rsa; unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH]; |