Fix ssl_get_prev_session overrun
authorMatt Caswell <matt@openssl.org>
Fri, 10 Apr 2015 15:49:33 +0000 (16:49 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 14 Apr 2015 14:01:20 +0000 (15:01 +0100)
If OpenSSL is configured with no-tlsext then ssl_get_prev_session can read
past the end of the ClientHello message if the session_id length in the
ClientHello is invalid. This should not cause any security issues since the
underlying buffer is 16k in size. It should never be possible to overrun by
that many bytes.

This is probably made redundant by the previous commit - but you can never be
too careful.

With thanks to Qinghao Tang for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 5e0a80c1c9b2b06c2d203ad89778ce1b98e0b5ad)

Conflicts:
ssl/ssl_sess.c

ssl/ssl_sess.c

index 1fc44c1e309703899aad0bf013a757954b068c4f..b9432fd450dbf41587aefd21d09f4b5150fba42b 100644 (file)
@@ -431,6 +431,12 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
 
     if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
         goto err;
+
+    if (session_id + len > limit) {
+        fatal = 1;
+        goto err;
+    }
+
 #ifndef OPENSSL_NO_TLSEXT
     r = tls1_process_ticket(s, session_id, len, limit, &ret);
     if (r == -1) {