wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 19:24:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

revert verify depth check and increase array size to account for possible cert index

Browse Source
This commit is contained in:
Jacob Barthelmeh
2018-02-14 10:01:22 -07:00
parent 6f1e5383da
commit 2e15842ef2
1 changed files with 18 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/internal.c
View File

@@ -7964,13 +7964,21 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#endif #endif
/* allocate buffer for certs */ /* allocate buffer for certs */
args->certs = (buffer*)XMALLOC(sizeof(buffer) * ssl->verifyDepth, #ifdef OPENSSL_EXTRA
args->certs = (buffer*)XMALLOC(sizeof(buffer) *
(ssl->verifyDepth + 1), ssl->heap, DYNAMIC_TYPE_DER);
if (args->certs == NULL) {
ERROR_OUT(MEMORY_E, exit_ppc);
}
XMEMSET(args->certs, 0, sizeof(buffer) * (ssl->verifyDepth + 1));
#else
args->certs = (buffer*)XMALLOC(sizeof(buffer) * MAX_CHAIN_DEPTH,
ssl->heap, DYNAMIC_TYPE_DER); ssl->heap, DYNAMIC_TYPE_DER);
if (args->certs == NULL) { if (args->certs == NULL) {
ERROR_OUT(MEMORY_E, exit_ppc); ERROR_OUT(MEMORY_E, exit_ppc);
} }
XMEMSET(args->certs, 0, sizeof(buffer) * ssl->verifyDepth); XMEMSET(args->certs, 0, sizeof(buffer) * MAX_CHAIN_DEPTH);
#endif /* OPENSSL_EXTRA */
/* Certificate List */ /* Certificate List */
if ((args->idx - args->begin) + OPAQUE24_LEN > totalSz) { if ((args->idx - args->begin) + OPAQUE24_LEN > totalSz) {
ERROR_OUT(BUFFER_ERROR, exit_ppc); ERROR_OUT(BUFFER_ERROR, exit_ppc);
@@ -7990,12 +7998,17 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
while (listSz) { while (listSz) {
word32 certSz; word32 certSz;
if (args->totalCerts >= ssl->verifyDepth) {
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
if (args->totalCerts > ssl->verifyDepth) {
ssl->peerVerifyRet = X509_V_ERR_CERT_CHAIN_TOO_LONG; ssl->peerVerifyRet = X509_V_ERR_CERT_CHAIN_TOO_LONG;
#endif
ERROR_OUT(MAX_CHAIN_ERROR, exit_ppc); ERROR_OUT(MAX_CHAIN_ERROR, exit_ppc);
} }
#else
if (args->totalCerts >= ssl->verifyDepth ||
args->totalCerts >= MAX_CHAIN_DEPTH) {
ERROR_OUT(MAX_CHAIN_ERROR, exit_ppc);
}
#endif
if ((args->idx - args->begin) + OPAQUE24_LEN > totalSz) { if ((args->idx - args->begin) + OPAQUE24_LEN > totalSz) {
ERROR_OUT(BUFFER_ERROR, exit_ppc); ERROR_OUT(BUFFER_ERROR, exit_ppc);