From 2c978a96b2b6fcd1e8df9f1006b68afdb75ee406 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz
Date: Wed, 23 Feb 2022 10:07:21 +0100
Subject: [PATCH] Prevent possibility of an infinite retry loop and resource exhaution

Reported in ZD13606
---
 src/internal.c | 7 +++++--
 wolfssl/ssl.h | 8 +++++++-
 2 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 327ce501b..31a051ce7 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -8949,6 +8949,7 @@ static int SendHandshakeMsg(WOLFSSL* ssl, byte* input, word32 inputSz,
 static int wolfSSLReceive(WOLFSSL* ssl, byte* buf, word32 sz)
 {
 int recvd;
+ int retryLimit = WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS;
 if (ssl->CBIORecv == NULL) {
 WOLFSSL_MSG("Your IO Recv callback is null, please set");
@@ -8974,9 +8975,11 @@ retry:
 return -1;
 case WOLFSSL_CBIO_ERR_WANT_READ: /* want read, would block */
- if (ssl->ctx->autoRetry && !ssl->options.handShakeDone &&
- !ssl->options.dtls)
+ if (retryLimit > 0 && ssl->ctx->autoRetry &&
+ !ssl->options.handShakeDone && !ssl->options.dtls) {
+ retryLimit--;
 goto retry;
+ }
 return WANT_READ;
 case WOLFSSL_CBIO_ERR_CONN_RST: /* connection reset */
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index ae3393833..5070b6b13 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
@@ -810,6 +810,9 @@ enum Tls13Secret {
 };
 #endif
+#ifndef WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS
+#define WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS 10
+#endif
 typedef WOLFSSL_METHOD* (*wolfSSL_method_func)(void* heap);
@@ -2196,7 +2199,10 @@ enum {
 SSL_MODE_ENABLE_PARTIAL_WRITE = 2,
 SSL_MODE_AUTO_RETRY = 3, /* wolfSSL default is to return WANT_{READ|WRITE}
 * to the user. This is set by default with
- * OPENSSL_COMPATIBLE_DEFAULTS. */
+ * OPENSSL_COMPATIBLE_DEFAULTS. The macro
+ * WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS is used to
+ * limit the possibility of an infinite retry loop
+ */
 SSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */
 BIO_CLOSE = 1,
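Review bot: The bounded retry in the `WOLFSSL_CBIO_ERR_WANT_READ` case still takes `goto retry` immediately, and the counter is local to one call of wolfSSLReceive, so the bound is per call rather than per handshake. If the receive callback returns at once, the retries are a short busy spin; if it blocks until a timeout before reporting want-read, the worst-case stall per call is roughly the limit times that timeout. That is bounded, which is what the fix is after, but a stalled peer can still extract that much work from every call while the handshake is incomplete. A comment at the check would make the contract explicit, e.g. `/* bounded: after WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS immediate retries, hand WANT_READ back to the caller */`. wolfSSLReceive starts and ends outside this hunk, so the rest of the switch was not reviewed.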
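Review bot: `WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS` can be overridden at build time, but nothing validates the value. A build that defines it as 0 or a negative number silently disables auto-retry, because the `retryLimit > 0` test in src/internal.c fails on the first pass. A very large value brings back a loop that is unbounded in practice. I would reject bad values at compile time right after the `#ifndef` block, e.g. `#if WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS < 1` followed by an `#error` line and `#endif`. The define also has no comment where it is declared; a line such as `/* Max immediate retries of the recv callback on WANT_READ while auto-retry is enabled */` above it would help, since the only description sits in the `SSL_MODE_AUTO_RETRY` enum comment much further down the header.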