AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ssl_tls13_client.c: Add check in supported_versions parsing

Browse Source 
Add check in ServerHello supported_versions parsing
that the length of the extension data is exactly
two.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2022-03-30 20:04:10 +02:00
parent 1fa4f6863b
commit 9847338429
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
library/ssl_tls13_client.c
View File

@ -100,7 +100,7 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
{ {
((void) ssl); ((void) ssl);
MBEDTLS_SSL_CHK_BUF_READ_PTR( buf, end, 2); MBEDTLS_SSL_CHK_BUF_READ_PTR( buf, end, 2 );
if( buf[0] != MBEDTLS_SSL_MAJOR_VERSION_3 || if( buf[0] != MBEDTLS_SSL_MAJOR_VERSION_3 ||
buf[1] != MBEDTLS_SSL_MINOR_VERSION_4 ) buf[1] != MBEDTLS_SSL_MINOR_VERSION_4 )
{ {
@ -111,6 +111,14 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
} }
if( &buf[2] != end )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "supported_versions ext data length incorrect" ) );
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR,
MBEDTLS_ERR_SSL_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
}
return( 0 ); return( 0 );
} }