feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #2239 from JacobBarthelmeh/Fuzzer

Browse Source 
add sanity check on length of PSK identity
This commit is contained in:
toddouska
2019-05-23 11:40:13 -07:00
committed by GitHub
parent a742cf9bf8 5aa5f350ba
commit e7fdb1360a
3 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/tls.c
View File

@ -7935,7 +7935,8 @@ static int TLSX_PreSharedKey_Parse(WOLFSSL* ssl, byte* input, word16 length,
/* Length of identity. */ /* Length of identity. */
ato16(input + idx, &identityLen); ato16(input + idx, &identityLen);
idx += OPAQUE16_LEN; idx += OPAQUE16_LEN;
if (len < OPAQUE16_LEN + identityLen + OPAQUE32_LEN) if (len < OPAQUE16_LEN + identityLen + OPAQUE32_LEN ||
identityLen > MAX_PSK_ID_LEN)
return BUFFER_E; return BUFFER_E;
/* Cache identity pointer. */ /* Cache identity pointer. */
identity = input + idx; identity = input + idx;
@ -9585,6 +9586,11 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
WOLFSSL_SESSION* sess = &ssl->session; WOLFSSL_SESSION* sess = &ssl->session;
word32 milli; word32 milli;
if (sess->ticketLen > MAX_PSK_ID_LEN) {
WOLFSSL_MSG("Session ticket length for PSK ext is too large");
return BUFFER_ERROR;
}
/* Determine the MAC algorithm for the cipher suite used. */ /* Determine the MAC algorithm for the cipher suite used. */
ssl->options.cipherSuite0 = sess->cipherSuite0; ssl->options.cipherSuite0 = sess->cipherSuite0;
ssl->options.cipherSuite = sess->cipherSuite; ssl->options.cipherSuite = sess->cipherSuite;

3
src/tls13.c
View File

@ -3378,6 +3378,9 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
#endif #endif
#ifndef NO_PSK #ifndef NO_PSK
if (current->identityLen > MAX_PSK_ID_LEN) {
return BUFFER_ERROR;
}
XMEMCPY(ssl->arrays->client_identity, current->identity, XMEMCPY(ssl->arrays->client_identity, current->identity,
current->identityLen); current->identityLen);
ssl->arrays->client_identity[current->identityLen] = '\0'; ssl->arrays->client_identity[current->identityLen] = '\0';

5
wolfssl/internal.h
View File

@ -1173,7 +1173,12 @@ enum Misc {
HELLO_EXT_EXTMS = 0x0017, /* ID for the extended master secret ext */ HELLO_EXT_EXTMS = 0x0017, /* ID for the extended master secret ext */
SECRET_LEN = WOLFSSL_MAX_MASTER_KEY_LENGTH, SECRET_LEN = WOLFSSL_MAX_MASTER_KEY_LENGTH,
/* pre RSA and all master */ /* pre RSA and all master */
#if defined(WOLFSSL_TLS13)
MAX_PSK_ID_LEN = 256, /* max psk identity/hint supported */
#else
MAX_PSK_ID_LEN = 128, /* max psk identity/hint supported */ MAX_PSK_ID_LEN = 128, /* max psk identity/hint supported */
#endif
#if defined(WOLFSSL_MYSQL_COMPATIBLE) || \ #if defined(WOLFSSL_MYSQL_COMPATIBLE) || \
(defined(USE_FAST_MATH) && defined(FP_MAX_BITS) && FP_MAX_BITS > 8192) (defined(USE_FAST_MATH) && defined(FP_MAX_BITS) && FP_MAX_BITS > 8192)
#ifndef NO_PSK #ifndef NO_PSK