wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

DH Fix 2

Browse Source 
1. Add some missing frees for the error cases when the server DH public
   key is rejected.
This commit is contained in:
John Safranek
2020-10-20 10:32:09 -07:00
parent a575403ca3
commit 2c5a4ba508
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/internal.c
View File

@ -21231,6 +21231,9 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
if (length > ssl->options.maxDhKeySz) {
WOLFSSL_MSG("Server using a DH key generator that is too big");
SendAlert(ssl, alert_fatal, handshake_failure);
XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
ssl->buffers.serverDH_P.buffer = NULL;
ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk);
}
@ -21277,11 +21280,23 @@ static int GetDhPublicKey(WOLFSSL* ssl, const byte* input, word32 size,
if (length < ssl->options.minDhKeySz) {
WOLFSSL_MSG("Server using a public DH key that is too small");
SendAlert(ssl, alert_fatal, handshake_failure);
XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
ssl->buffers.serverDH_P.buffer = NULL;
XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
ssl->buffers.serverDH_G.buffer = NULL;
ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk);
}
if (length > ssl->options.maxDhKeySz) {
WOLFSSL_MSG("Server using a public DH key that is too big");
SendAlert(ssl, alert_fatal, handshake_failure);
XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
ssl->buffers.serverDH_P.buffer = NULL;
XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap,
DYNAMIC_TYPE_PUBLIC_KEY);
ssl->buffers.serverDH_G.buffer = NULL;
ERROR_OUT(DH_KEY_SIZE_E, exit_gdpk);
}