mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-09 23:20:54 +02:00
Fix integer underflow in ECH innerClientHelloLen parsing
Add bounds check before subtracting WC_AES_BLOCK_SIZE from the attacker-controlled innerClientHelloLen field in TLSX_ECH_Parse(). Values 0-15 caused a word16 underflow to ~65K, leading to a heap buffer overflow write via XMEMSET and heap buffer over-read via wc_AesGcmDecrypt. Return BAD_FUNC_ARG if the field is too small.
This commit is contained in:
@@ -13605,6 +13605,9 @@ static int TLSX_ECH_Parse(WOLFSSL* ssl, const byte* readBuf, word16 size,
|
||||
}
|
||||
/* read hello inner len */
|
||||
ato16(readBuf_p, &ech->innerClientHelloLen);
|
||||
if (ech->innerClientHelloLen < WC_AES_BLOCK_SIZE) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
ech->innerClientHelloLen -= WC_AES_BLOCK_SIZE;
|
||||
readBuf_p += 2;
|
||||
ech->outerClientPayload = readBuf_p;
|
||||
|
||||
Reference in New Issue
Block a user