> It seems that I've found two small bugs in OpenSSL (at least 0.9.6c
> and the latest snapshot).
>
> In ssl/s3_srvr.c function ssl3_get_client_hello, after the
> last field (compression) has been parsed, there's a test:
>
>     /* TLS does not mind if there is extra stuff */
>     if (s->version == SSL3_VERSION)
>         {
>         if (p > (d+n))
>             {
>             /* wrong number of bytes,
>              * there could be more to follow */
>             al=SSL_AD_DECODE_ERROR;
>             SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
>             goto f_err;
>             }
>         }
>
> Here "d" points to the start of the message, "p" to the
> current location, and "n" is the length of the frame.
>
> There are actually two bugs: First, the test should of
> course be "p < (d+n)".
Thanks. This will be fixed.
> Second, if "p > (d+n)" then we have read past the end of the packet
> anyway [...]
A test is missing earlier in the code. This should fix all the problems:
Index: s3_srvr.c
===================================================================
RCS file: /usr/local/openssl/cvs/openssl/ssl/s3_srvr.c,v
retrieving revision 1.49.2.13
diff -u -u -r1.49.2.13 s3_srvr.c
--- s3_srvr.c 2002/01/14 23:42:38 1.49.2.13
+++ s3_srvr.c 2002/04/13 22:17:58
@@ -711,7 +711,7 @@
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
goto f_err;
}
- if ((i+p) > (d+n))
+ if ((p+i) >= (d+n))
{
/* not enough data */
al=SSL_AD_DECODE_ERROR;
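Review bot: the tightened test `(p+i) >= (d+n)` is correct only because a one-byte compression-methods length must follow the cipher-suite list, and nothing in the hunk says so; the unchanged `/* not enough data */` comment does not explain why a message whose cipher list ends exactly at `d+n` is now rejected. Suggest expanding the comment, e.g. `/* list must leave room for the compression length byte */`. Consider also comparing lengths (`i >= (d+n) - p`) instead of forming `p+i` first: `i` comes from the peer, and computing a pointer beyond one past the end of the buffer is undefined in C even if it is only compared.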
@@ -768,6 +768,13 @@
/* compression */
i= *(p++);
+ if ((p+i) > (d+n))
+ {
+ /* not enough data */
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
q=p;
for (j=0; j<i; j++)
{
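Review bot: the new test uses `>` where the cipher-suite test a few lines above uses `>=`; the asymmetry is right (compression methods are the last field, so a list that ends exactly at `d+n` is valid) but it reads like a typo, and a one-line comment on the `if` would stop the next reader from "fixing" it. The added block also reuses `/* not enough data */` and `SSL_R_LENGTH_MISMATCH` from the cipher-suite check, which is fine; note that `i == 0` passes this test unchanged, so whether an empty compression list is acceptable is not addressed here.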
@@ -815,7 +822,7 @@
/* TLS does not mind if there is extra stuff */
if (s->version == SSL3_VERSION)
{
- if (p > (d+n))
+ if (p < (d+n))
{
/* wrong number of bytes,
* there could be more to follow */
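Review bot: with the two bound checks earlier in the function, `p > (d+n)` can no longer be true at this point, so inverting the test to `p < (d+n)` is the right fix; `p != (d+n)` would express "wrong number of bytes" directly and would stay correct if a later field were added without its own check. The comment now matches the condition; the first half, `wrong number of bytes`, suggests a short message, which is the case the earlier checks handle, so `extra bytes follow the last field` would be more precise.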
--
Bodo Möller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
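The two bugs in the thread, a bound check that forgot the field that follows and a trailing-data test with its comparison inverted, are easy to see with the cipher-suite and compression-method fields parsed in isolation. The following is an added illustration, not OpenSSL's code: a small parser for the tail of a ClientHello body that applies the same three checks the patch ends up with (cipher list must leave room for the compression length byte, compression list must fit, SSL 3.0 rejects leftover bytes while TLS ignores them). Names such as `parse_hello_tail`, `check_hello_tail`, the `hello_result` codes and the `HELLO_*` byte strings are all invented for the example; the byte strings are constructed, not captured traffic.

```c
#include <stddef.h>
#include <stdio.h>

/* Outcomes of the illustrative check (not OpenSSL's alert/error codes). */
enum hello_result {
    HELLO_OK = 0,
    HELLO_TRUNCATED,      /* a length field runs past the end of the message */
    HELLO_NO_CIPHERS,     /* empty or odd-sized cipher suite list */
    HELLO_TRAILING_BYTES  /* SSL 3.0 only: bytes left after the last field */
};

/*
 * Parse the two fields that end a ClientHello body: the cipher suite list
 * (2-byte length, 2 bytes per suite) and the compression method list
 * (1-byte length, 1 byte per method). d is the first byte of those fields,
 * n the number of bytes available, so d+n is one past the end. ssl3 selects
 * the SSL 3.0 rule that nothing may follow; TLS ignores trailing data.
 */
static enum hello_result
parse_hello_tail(const unsigned char *d, size_t n, int ssl3,
                 size_t *num_ciphers, size_t *num_comp)
{
    const unsigned char *p = d;
    const unsigned char *end = d + n;
    size_t i;

    /* Make sure the 2-byte length field is itself inside the message. */
    if ((size_t)(end - p) < 2)
        return HELLO_TRUNCATED;
    i = ((size_t)p[0] << 8) | p[1];
    p += 2;
    if (i == 0 || (i & 1))
        return HELLO_NO_CIPHERS;

    /* The list must fit AND leave at least one byte for the compression
     * length that follows: hence >= rather than >, the reason the first
     * hunk of the patch tightens its test. Remaining sizes are compared
     * instead of forming p+i, so no out-of-range pointer is ever built. */
    if (i >= (size_t)(end - p))
        return HELLO_TRUNCATED;
    *num_ciphers = i / 2;
    p += i;

    /* The check above guarantees this byte exists. This is the last field,
     * so a list that ends exactly at d+n is fine: > rather than >=. */
    i = *p++;
    if (i > (size_t)(end - p))
        return HELLO_TRUNCATED;
    *num_comp = i;
    p += i;

    /* Extra bytes are an error for SSL 3.0 only. p > end can no longer
     * happen here; p != end states the intent without depending on that. */
    if (ssl3 && p != end)
        return HELLO_TRAILING_BYTES;
    return HELLO_OK;
}

/* Convenience wrapper when only the verdict matters. */
static enum hello_result
check_hello_tail(const unsigned char *d, size_t n, int ssl3)
{
    size_t ciphers = 0, comp = 0;
    return parse_hello_tail(d, n, ssl3, &ciphers, &comp);
}

/* Constructed sample inputs (invented for this example, not captured). */
/* Two suites (0x002f, 0x0035), one compression method (null). */
static const unsigned char HELLO_GOOD[]     = {0x00,0x04, 0x00,0x2f, 0x00,0x35, 0x01, 0x00};
/* Same, with one stray byte appended. */
static const unsigned char HELLO_TRAILING[] = {0x00,0x04, 0x00,0x2f, 0x00,0x35, 0x01, 0x00, 0xaa};
/* Cipher list fills the message exactly: no room for the compression length. */
static const unsigned char HELLO_CUT_1[]    = {0x00,0x04, 0x00,0x2f, 0x00,0x35};
/* Compression length promises one method that is not there. */
static const unsigned char HELLO_CUT_2[]    = {0x00,0x04, 0x00,0x2f, 0x00,0x35, 0x01};
/* Cipher length claims 16 bytes; only 4 follow. */
static const unsigned char HELLO_CUT_3[]    = {0x00,0x10, 0x00,0x2f, 0x00,0x35, 0x01, 0x00};
/* Empty cipher list. */
static const unsigned char HELLO_EMPTY[]    = {0x00,0x00, 0x01, 0x00};

int main(void)
{
    size_t ciphers = 0, comp = 0;
    enum hello_result r = parse_hello_tail(HELLO_GOOD, sizeof HELLO_GOOD, 1,
                                           &ciphers, &comp);
    printf("good: %d (ciphers=%zu comp=%zu)\n", r, ciphers, comp);
    printf("trailing SSL3: %d  trailing TLS: %d\n",
           check_hello_tail(HELLO_TRAILING, sizeof HELLO_TRAILING, 1),
           check_hello_tail(HELLO_TRAILING, sizeof HELLO_TRAILING, 0));
    printf("cut1: %d cut2: %d cut3: %d empty: %d\n",
           check_hello_tail(HELLO_CUT_1, sizeof HELLO_CUT_1, 1),
           check_hello_tail(HELLO_CUT_2, sizeof HELLO_CUT_2, 1),
           check_hello_tail(HELLO_CUT_3, sizeof HELLO_CUT_3, 1),
           check_hello_tail(HELLO_EMPTY, sizeof HELLO_EMPTY, 1));
    return 0;
}
```

`HELLO_CUT_1` is the case the first hunk's `>=` exists for: the cipher list fits, but the byte the next `*(p++)` would read is not there. `HELLO_TRAILING` is the case the original `p > (d+n)` test could never catch, since after correct bound checks `p` never passes `d+n`; only `p < (d+n)` (or `p != (d+n)`) sees the stray byte.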