Check for invalid short Alert messages
(Short Change Cipher Spec & Handshake messages are already checked for.)
This commit is contained in:
parent
34817929ea
commit
1a7a17e548
2 changed files with 12 additions and 0 deletions
|
@ -39,6 +39,8 @@ Bugfix
|
|||
seen when communicating with OpenSSL using TLS 1.0. Reported by @kFYatek
|
||||
(#1632) and by Conor Murphy on the forum. Fix contributed by Espressif
|
||||
Systems.
|
||||
* Fail when receiving a TLS alert message with an invalid length, or invalid
|
||||
zero-length messages when using TLS 1.2. Contributed by Espressif Systems.
|
||||
|
||||
Changes
|
||||
* Change the shebang line in Perl scripts to look up perl in the PATH.
|
||||
|
|
|
@ -4187,6 +4187,16 @@ int mbedtls_ssl_handle_message_type( mbedtls_ssl_context *ssl )
|
|||
|
||||
if( ssl->in_msgtype == MBEDTLS_SSL_MSG_ALERT )
|
||||
{
|
||||
if( ssl->in_msglen != 2 )
|
||||
{
|
||||
/* Note: Standard allows for more than one 2 byte alert
|
||||
to be packed in a single message, but Mbed TLS doesn't
|
||||
currently support this. */
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid alert message, len: %d",
|
||||
ssl->in_msglen ) );
|
||||
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]",
|
||||
ssl->in_msg[0], ssl->in_msg[1] ) );
|
||||
|
||||
|
|
Loading…
Reference in a new issue