Avoid an overflow in constructing the ServerKeyExchange message
authorMatt Caswell <matt@openssl.org>
Fri, 1 Jul 2016 10:58:05 +0000 (11:58 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 1 Jul 2016 18:26:12 +0000 (19:26 +0100)
commit77857ddcca41e1ad34725715fe7b32adc4de7930
tree467c2a6266c3ae1b522f439d1042d7b299288658
parentcbffd2d9ca91dabb1cdfb181311f2a8458b4a8e8
Avoid an overflow in constructing the ServerKeyExchange message

We calculate the size required for the ServerKeyExchange message and then
call BUF_MEM_grow_clean() on the buffer. However we fail to take account of
2 bytes required for the signature algorithm and 2 bytes for the signature
length, i.e. we could overflow by 4 bytes. In reality this won't happen
because the buffer is pre-allocated to a large size that means it should be
big enough anyway.

Addresses an OCAP Audit issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
ssl/s3_srvr.c