yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix buffer overflow in TLS 1.3 ECDH public key parsing

Browse source 
Fix a buffer overflow in TLS 1.3 ServerHello and ClientHello parsing. The
length of the public key in an ECDH- or FFDH-based key exchange was not
validated. This could result in an overflow of handshake->xxdh_psa_peerkey,
overwriting further data in the handshake structure or further on the heap.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2023-10-02 14:55:45 +02:00
parent 3a098e9090
commit 12c5aaae57
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
library/ssl_tls13_generic.c
View file

@ -1516,7 +1516,10 @@ int mbedtls_ssl_tls13_read_public_xxdhe_share(mbedtls_ssl_context *ssl,
/* Check if key size is consistent with given buffer length. */
MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, peerkey_len);
/* Store peer's ECDH public key. */
/* Store peer's ECDH/FFDH public key. */
if (peerkey_len > sizeof(handshake->xxdh_psa_peerkey)) {
return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
}
memcpy(handshake->xxdh_psa_peerkey, p, peerkey_len);
handshake->xxdh_psa_peerkey_len = peerkey_len;