Fix to better detect invalid spurious retransmission.

2026-01-26 23:52:21 +01:00 · 2025-08-12 16:03:22 -07:00
parent 22b221a8be
commit e00fd2fd70
1 changed files with 15 additions and 0 deletions
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -2230,8 +2230,23 @@ static int GetRecordHeader(const byte* input, RecordLayerHeader* rh, int* size)
    XMEMCPY(rh, input, RECORD_HEADER_SZ);
    *size = (rh->length[0] << 8) | rh->length[1];

+    /* make sure length is valid */
    if (*size > (MAX_RECORD_SIZE + COMP_EXTRA + MAX_MSG_EXTRA))
        return LENGTH_ERROR;
+    /* make sure the record type is valid */
+    if (rh->type < change_cipher_spec ||
+    #ifdef WOLFSSL_DTLS13
+        rh->type > ack
+    #else
+        rh->type > dtls12_cid
+    #endif
+        ) {
+        return UNKNOWN_RECORD_TYPE;
+    }
+    /* make sure version is valid */
+    if (rh->pvMajor > SSLv3_MAJOR || rh->pvMinor > TLSv1_3_MINOR) {
+        return VERSION_ERROR;
+    }

    return 0;
 }