yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix length checking for AEAD ciphersuites

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-06-17 10:54:17 +02:00 committed by Paul Bakker
parent 1c98ff96b5
commit 0bcc4e1df7
2 changed files with 16 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
ChangeLog
View file

@ -5,6 +5,11 @@ TODO: bump SOVERSION for ABI change
(and various x509 structures got a new member)
= PolarSSL 1.3 branch
Security
* Fix length checking for AEAD ciphersuites (found by Codenomicon).
It was possible to crash the server (and client) using crafted messages
when a GCM suite was chosen.
Features
* Add CCM module and cipher mode to Cipher Layer
* Support for CCM and CCM_8 ciphersuites

14
library/ssl_tls.c
View file

@ -1327,10 +1327,18 @@ static int ssl_decrypt_buf( ssl_context *ssl )
unsigned char add_data[13];
unsigned char taglen = ssl->transform_in->ciphersuite_info->flags &
POLARSSL_CIPHERSUITE_SHORT_TAG ? 8 : 16;
unsigned char explicit_iv_len = ssl->transform_in->ivlen -
ssl->transform_in->fixed_ivlen;
if( ssl->in_msglen < explicit_iv_len + taglen )
{
SSL_DEBUG_MSG( 1, ( "msglen (%d) < explicit_iv_len (%d) "
"+ taglen (%d)", ssl->in_msglen,
explicit_iv_len, taglen ) );
return( POLARSSL_ERR_SSL_INVALID_MAC );
}
dec_msglen = ssl->in_msglen - explicit_iv_len - taglen;
dec_msglen = ssl->in_msglen - ( ssl->transform_in->ivlen -
ssl->transform_in->fixed_ivlen );
dec_msglen -= taglen;
dec_msg = ssl->in_msg;
dec_msg_result = ssl->in_msg;
ssl->in_msglen = dec_msglen;