Various fixes in internal.c

This commit is contained in:
Eric Blankenhorn
2026-04-14 15:01:12 -05:00
parent 9ed79a2815
commit 2e5a0b76af
+71 -17
View File
@@ -716,6 +716,8 @@ int IsDtlsNotSrtpMode(WOLFSSL* ssl)
static void* myAlloc(void* opaque, unsigned int item, unsigned int size)
{
(void)opaque;
if (item != 0 && size > ((unsigned int)-1) / item)
return NULL;
return (void *)XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
}
@@ -1094,7 +1096,16 @@ static int ImportCipherSpecState(WOLFSSL* ssl, const byte* exp, word32 len,
if (type == WOLFSSL_EXPORT_TLS &&
ssl->specs.bulk_cipher_algorithm == wolfssl_aes) {
byte *pt = (byte*)ssl->encrypt.aes->reg;
byte *pt;
if ((idx + 2 * WC_AES_BLOCK_SIZE) > len) {
WOLFSSL_MSG("Buffer not large enough for AES state import");
return BUFFER_E;
}
if (ssl->encrypt.aes == NULL || ssl->decrypt.aes == NULL) {
WOLFSSL_MSG("AES cipher objects not allocated for import");
return BAD_STATE_E;
}
pt = (byte*)ssl->encrypt.aes->reg;
XMEMCPY(pt, exp + idx, WC_AES_BLOCK_SIZE);
idx += WC_AES_BLOCK_SIZE;
@@ -9376,13 +9387,13 @@ void FreeSSL(WOLFSSL* ssl, void* heap)
{
WOLFSSL_CTX* ctx = ssl->ctx;
wolfSSL_ResourceFree(ssl);
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Check(ssl, sizeof(*ssl));
#endif
XFREE(ssl, heap, DYNAMIC_TYPE_SSL);
if (ctx)
FreeSSL_Ctx(ctx); /* will decrement and free underlying CTX if 0 */
(void)heap;
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Check(ssl, sizeof(*ssl));
#endif
}
#if !defined(NO_OLD_TLS) || defined(WOLFSSL_DTLS) || \
@@ -9973,7 +9984,10 @@ void DtlsMsgStore(WOLFSSL* ssl, word16 epoch, word32 seq, const byte* data,
}
else {
head = DtlsMsgNew(dataSz, 0, heap);
if (DtlsMsgSet(head, seq, epoch, data, type, fragOffset,
if (head == NULL) {
/* allocation failed; drop the message silently */
}
else if (DtlsMsgSet(head, seq, epoch, data, type, fragOffset,
fragSz, heap, dataSz, encrypted) < 0) {
DtlsMsgDelete(head, heap);
head = NULL;
@@ -10623,6 +10637,9 @@ static int EdDSA_Update(WOLFSSL* ssl, const byte* data, int sz)
byte* msgs;
if (ssl->options.cacheMessages) {
if (sz < 0 || ssl->hsHashes->length < 0 ||
ssl->hsHashes->length > INT_MAX - sz)
return BUFFER_ERROR;
msgs = (byte*)XMALLOC(ssl->hsHashes->length + sz, ssl->heap,
DYNAMIC_TYPE_HASHES);
if (msgs == NULL)
@@ -10776,6 +10793,9 @@ int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz)
}
#endif
if (sz < 0)
return BUFFER_ERROR;
return HashRaw(ssl, adj, sz);
}
@@ -17127,6 +17147,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
else {
ssl->peerEd25519KeyPresent = 1;
#ifdef HAVE_PK_CALLBACKS
XFREE(ssl->buffers.peerEd25519Key.buffer,
ssl->heap, DYNAMIC_TYPE_ED25519);
ssl->buffers.peerEd25519Key.buffer =
(byte*)XMALLOC(args->dCert->pubKeySize,
ssl->heap, DYNAMIC_TYPE_ED25519);
@@ -17182,6 +17204,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
else {
ssl->peerEd448KeyPresent = 1;
#ifdef HAVE_PK_CALLBACKS
XFREE(ssl->buffers.peerEd448Key.buffer,
ssl->heap, DYNAMIC_TYPE_ED448);
ssl->buffers.peerEd448Key.buffer =
(byte*)XMALLOC(args->dCert->pubKeySize,
ssl->heap, DYNAMIC_TYPE_ED448);
@@ -17629,9 +17653,9 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
ssl->status_request_v2 = 0;
WC_FREE_VAR_EX(status, NULL, DYNAMIC_TYPE_OCSP_STATUS);
WC_FREE_VAR_EX(single, NULL, DYNAMIC_TYPE_OCSP_ENTRY);
WC_FREE_VAR_EX(response, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
WC_FREE_VAR_EX(status, ssl->heap, DYNAMIC_TYPE_OCSP_STATUS);
WC_FREE_VAR_EX(single, ssl->heap, DYNAMIC_TYPE_OCSP_ENTRY);
WC_FREE_VAR_EX(response, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
}
break;
@@ -26214,8 +26238,6 @@ int SendAsyncData(WOLFSSL* ssl)
*/
static int ssl_in_handshake(WOLFSSL *ssl, int sending_data)
{
int SendAsyncData = 1;
(void)SendAsyncData;
if (IsSCR(ssl)) {
if (sending_data) {
/* allow sending data in SCR */
@@ -29194,7 +29216,10 @@ static int ParseCipherList(Suites* suites,
/* Restore user ciphers ahead of defaults */
XMEMMOVE(suites->suites + idx, suites->suites,
min(suites->suiteSz, WOLFSSL_MAX_SUITE_SZ-idx));
suites->suiteSz += (word16)idx;
if ((word32)suites->suiteSz + idx > WOLFSSL_MAX_SUITE_SZ)
suites->suiteSz = WOLFSSL_MAX_SUITE_SZ;
else
suites->suiteSz += (word16)idx;
}
else
#endif
@@ -35034,6 +35059,9 @@ int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
{
word32 sessIdLen = ID_LEN;
if (length > WOLFSSL_MAX_16BIT)
return BUFFER_ERROR;
if (!HaveUniqueSessionObj(ssl))
return MEMORY_ERROR;
@@ -35812,6 +35840,8 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
args->output[args->idx++] = SetCurveId(ssl->eccTempKey);
#endif
}
if (args->exportSz > WOLFSSL_MAX_8BIT)
return BUFFER_ERROR;
args->output[args->idx++] = (byte)args->exportSz;
XMEMCPY(args->output + args->idx, args->exportBuf, args->exportSz);
return 0;
@@ -35924,6 +35954,10 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
static int SKE_AddDhPub(Buffers* buffers, byte* output, int idx)
{ /* add p, g, pub */
if (buffers->serverDH_P.length > WOLFSSL_MAX_16BIT ||
buffers->serverDH_G.length > WOLFSSL_MAX_16BIT ||
buffers->serverDH_Pub.length > WOLFSSL_MAX_16BIT)
return BUFFER_ERROR;
c16toa((word16)buffers->serverDH_P.length, output + idx);
idx += LENGTH_SZ;
XMEMCPY(output + idx, buffers->serverDH_P.buffer,
@@ -36390,8 +36424,12 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
AddHeaders(args->output, args->length,
server_key_exchange, ssl);
AddServerHint(ssl, args, hintLen);
args->idx = SKE_AddDhPub(&ssl->buffers, args->output,
args->idx);
ret = SKE_AddDhPub(&ssl->buffers, args->output,
args->idx);
if (ret < 0)
goto exit_sske;
args->idx = ret;
ret = 0;
break;
}
#endif /* !defined(NO_DH) && !defined(NO_PSK) */
@@ -36577,8 +36615,12 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
CHECK_RET(ret, AllocArgsInput(ssl, args), exit_sske);
AddHeaders(args->output, args->length,
server_key_exchange, ssl);
args->idx = SKE_AddDhPub(&ssl->buffers, args->output,
args->idx);
ret = SKE_AddDhPub(&ssl->buffers, args->output,
args->idx);
if (ret < 0)
goto exit_sske;
args->idx = ret;
ret = 0;
#ifdef HAVE_FUZZER
if (ssl->fuzzerCb) {
@@ -36971,8 +37013,9 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
switch (ssl->options.sigAlgo)
{
#ifndef NO_RSA
#ifndef WC_RSA_PSS
#ifdef WC_RSA_PSS
case rsa_pss_sa_algo:
case rsa_pss_pss_algo:
#endif
case rsa_sa_algo:
{
@@ -37499,7 +37542,6 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
Suites clSuites;
int ret = -1;
(void)inSz;
WOLFSSL_MSG("Got old format client hello");
#ifdef WOLFSSL_CALLBACKS
if (ssl->hsInfoOn)
@@ -37587,6 +37629,11 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
TRUE, TRUE, TRUE, TRUE, ssl->options.side);
}
/* Need at least 3 * OPAQUE16_LEN bytes for suiteSz/sessionSz/randomSz
* headers before reading the per-field bodies. */
if (idx + 3 * OPAQUE16_LEN > inSz)
return BUFFER_ERROR;
/* suite size */
ato16(&input[idx], &clSuites.suiteSz);
idx += OPAQUE16_LEN;
@@ -37612,6 +37659,11 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
if (randomSz > RAN_LEN)
return BUFFER_ERROR;
/* Cumulative bounds check against actual input buffer length. */
if ((word32)clSuites.suiteSz + (word32)sessionSz + (word32)randomSz
> inSz - idx)
return BUFFER_ERROR;
/* suites */
for (i = 0, j = 0; i < clSuites.suiteSz; i += 3) {
byte first = input[idx++];
@@ -39658,6 +39710,8 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
#endif
if (!IsAtLeastTLSv1_3(ssl->version)) {
if (ssl->arrays == NULL)
return;
XMEMCPY(ssl->arrays->masterSecret, it->msecret, SECRET_LEN);
/* Copy the haveExtendedMasterSecret property from the ticket to
* the saved session, so the property may be checked later. */