diff --git a/src/internal.c b/src/internal.c index 5c8ab15c8..63c1e39d5 100644 --- a/src/internal.c +++ b/src/internal.c @@ -26757,6 +26757,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (clSuites.suiteSz > WOLFSSL_MAX_SUITE_SZ) return BUFFER_ERROR; + /* Make sure the suiteSz is a multiple of 3. (Old Client Hello) */ + if (clSuites.suiteSz % 3 != 0) + return BUFFER_ERROR; clSuites.hashSigAlgoSz = 0; /* session size */ @@ -27220,6 +27223,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ato16(&input[i], &clSuites.suiteSz); i += OPAQUE16_LEN; + /* Cipher suite lists are always multiples of two in length. */ + if (clSuites.suiteSz % 2 != 0) + return BUFFER_ERROR; + /* suites and compression length check */ if ((i - begin) + clSuites.suiteSz + OPAQUE8_LEN > helloSz) return BUFFER_ERROR; @@ -27431,6 +27438,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (OPAQUE16_LEN + hashSigAlgoSz > extSz) return BUFFER_ERROR; + if (hashSigAlgoSz % 2 != 0) + return BUFFER_ERROR; + clSuites.hashSigAlgoSz = hashSigAlgoSz; if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) { WOLFSSL_MSG("ClientHello SigAlgo list exceeds max, " diff --git a/src/tls.c b/src/tls.c index 292dfb871..71bdedac4 100644 --- a/src/tls.c +++ b/src/tls.c @@ -6423,6 +6423,10 @@ static int TLSX_SignatureAlgorithms_Parse(WOLFSSL *ssl, byte* input, if (length != OPAQUE16_LEN + len) return BUFFER_ERROR; + /* Sig Algo list size must be even. */ + if (suites->hashSigAlgoSz % 2 != 0) + return BUFFER_ERROR; + /* truncate hashSigAlgo list if too long */ suites->hashSigAlgoSz = len; if (suites->hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) {