diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2019-02-28 17:44:57 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2019-02-28 17:44:57 +0000 |
| commit | 6b276cacc3460c838d82b296a8cae28fe016bf1e (patch) | |
| tree | 037c5f1d1d63c62e0ace9f0af06b8e3e05408251 /lib | |
| parent | 913a9e2cf143ba62d8099936e97f66bb37790176 (diff) | |
Add appropriate length checks to tls13_legacy_{read,write}_bytes()
ok inoguchi@ tb@
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libssl/tls13_lib.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c index 0151395be81..e371d717506 100644 --- a/lib/libssl/tls13_lib.c +++ b/lib/libssl/tls13_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_lib.c,v 1.6 2019/02/26 17:36:30 jsing Exp $ */ +/* $OpenBSD: tls13_lib.c,v 1.7 2019/02/28 17:44:56 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> * @@ -251,9 +251,12 @@ tls13_legacy_read_bytes(SSL *ssl, int type, unsigned char *buf, int len, int pee SSLerror(ssl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; } + if (len < 0) { + SSLerror(ssl, SSL_R_BAD_LENGTH); + return -1; + } ret = tls13_read_application_data(ctx->rl, buf, len); - return tls13_legacy_return_code(ssl, ret); } @@ -267,8 +270,11 @@ tls13_legacy_write_bytes(SSL *ssl, int type, const void *buf, int len) SSLerror(ssl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; } + if (len <= 0) { + SSLerror(ssl, SSL_R_BAD_LENGTH); + return -1; + } ret = tls13_write_application_data(ctx->rl, buf, len); - return tls13_legacy_return_code(ssl, ret); } |