feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Maintenance: OCSP

Browse Source 
1. Add some minimum bounds checking on the HTTP responses as some can
end up being too short.
This commit is contained in:
John Safranek
2019-11-20 16:49:48 -08:00
parent a1e33e7ec9
commit 6720bc3890
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/wolfio.c
View File

@ -1102,6 +1102,12 @@ int wolfIO_HttpProcessResponse(int sfd, const char** appStrList,
switch (state) { switch (state) {
case phr_init: case phr_init:
if (XSTRLEN(start) < 15) { /* 15 is the length of the two
constant strings we're about to
compare against. */
WOLFSSL_MSG("wolfIO_HttpProcessResponse HTTP header too short.");
return -1;
}
if (XSTRNCASECMP(start, "HTTP/1", 6) == 0) { if (XSTRNCASECMP(start, "HTTP/1", 6) == 0) {
start += 9; start += 9;
if (XSTRNCASECMP(start, "200 OK", 6) != 0) { if (XSTRNCASECMP(start, "200 OK", 6) != 0) {
@ -1114,6 +1120,12 @@ int wolfIO_HttpProcessResponse(int sfd, const char** appStrList,
case phr_http_start: case phr_http_start:
case phr_have_length: case phr_have_length:
case phr_have_type: case phr_have_type:
if (XSTRLEN(start) < 13) { /* 13 is the shortest of the following
next lines we're checking for. */
WOLFSSL_MSG("wolfIO_HttpProcessResponse content type is too short.");
return -1;
}
if (XSTRNCASECMP(start, "Content-Type:", 13) == 0) { if (XSTRNCASECMP(start, "Content-Type:", 13) == 0) {
int i; int i;