Import s2_pkt.c wbuf fixes from OpenSSL_0_9_6-stable branch.

diff --git a/CHANGES b/CHANGES
index 419823be2c72c4c36ed5d1e977dcf364fc85598e..fecbe653fa8895df372abd34c67cc83a369d2023 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,11 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).
+     Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits
+     when writing a 32767 byte record.
+     [Bodo Moeller; problem reported by Eric Day <eday@concentric.net>]
+
   *) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c),
      obtain lock CRYPTO_LOCK_RSA before creating BN_MONT_CTX
      structures and setting rsa->_method_mod_{n,p,q}.

diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index a6f4db36c00b2a9905212f3fcd680ae353711e48..52a2b279638940b2192ad700f0833e6fe543a9ce 100644 (file)
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -273,10 +273,16 @@ int ssl2_new(SSL *s)
        if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err;
        memset(s2,0,sizeof *s2);
 
+#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
+#  error "assertion failed"
+#endif
+
        if ((s2->rbuf=OPENSSL_malloc(
                SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
+       /* wbuf needs one byte more because when using two-byte headers,
+        * we leave the first byte unused in do_ssl_write (s2_pkt.c) */
        if ((s2->wbuf=OPENSSL_malloc(
-               SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
+               SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err;
        s->s2=s2;
 
        ssl2_clear(s);

diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index 6081dd7b4709bf475deb1c486b054d7c2df4622d..2866d61fa40c1c5c371da3e5373bcf1c36d34adc 100644 (file)
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -541,6 +541,9 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
                {
                bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
                j=len+mac_size;
+               /* Two-byte headers allow for a larger record length than
+                * three-byte headers, but we can't use them if we need
+                * padding or if we have to set the escape bit. */
                if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) &&
                        (!s->s2->escape))
                        {
@@ -556,25 +559,39 @@ static int do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
                        }
                else if ((bs <= 1) && (!s->s2->escape))
                        {
-                       /* len=len; */
+                       /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
+                        * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */
                        s->s2->three_byte_header=0;
                        p=0;
                        }
-               else /* 3 byte header */
+               else /* we may have to use a 3 byte header */
                        {
-                       /*len=len; */
+                       /* If s->s2->escape is not set, then
+                        * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
+                        * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */
                        p=(j%bs);
                        p=(p == 0)?0:(bs-p);
                        if (s->s2->escape)
+                               {
                                s->s2->three_byte_header=1;
+                               if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
+                                       j=SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER;
+                               }
                        else
                                s->s2->three_byte_header=(p == 0)?0:1;
                        }
                }
+
+       /* Now
+        *      j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
+        * holds, and if s->s2->three_byte_header is set, then even
+        *      j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
+        */
+
        /* mac_size is the number of MAC bytes
         * len is the number of data bytes we are going to send
         * p is the number of padding bytes
-        * if p == 0, it is a 2 byte header */
+        * (if it is a two-byte header, then p == 0) */
 
        s->s2->wlength=len;
        s->s2->padding=p;

diff --git a/ssl/ssl2.h b/ssl/ssl2.h
index df7d03c18f70d02dbd425ea4e292acd34af0e0bf..f8b56afb6b20ef37a005f975aecbbbbbd3de2997 100644 (file)
--- a/ssl/ssl2.h
+++ b/ssl/ssl2.h
@@ -134,11 +134,11 @@ extern "C" {
 /* Upper/Lower Bounds */
 #define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS     256
 #ifdef MPE
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER   (unsigned int)29998
+#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER   29998u
 #else
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER   (unsigned int)32767 
+#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER   32767u  /* 2^15-1 */
 #endif
-#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER   16383 /**/
+#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER   16383 /* 2^14-1 */
 
 #define SSL2_CHALLENGE_LENGTH  16
 /*#define SSL2_CHALLENGE_LENGTH        32 */