The branch OpenSSL_1_0_2-stable has been updated
       via  cb7503750efc02c64cdb7167dee692e47c44c6e9 (commit)
      from  773da093b1b9a63ae9c94cae756848011686caa0 (commit)


- Log -----------------------------------------------------------------
commit cb7503750efc02c64cdb7167dee692e47c44c6e9
Author: Matt Caswell <[email protected]>
Date:   Tue Feb 20 10:20:20 2018 +0000

    Sanity check the ticket length before using key name/IV
    
    This could in theory result in an overread - but due to the over allocation
    of the underlying buffer does not represent a security issue.
    
    Thanks to Fedor Indutny for reporting this issue.
    
    Reviewed-by: Rich Salz <[email protected]>
    (Merged from https://github.com/openssl/openssl/pull/5417)

-----------------------------------------------------------------------

Summary of changes:
 ssl/t1_lib.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 82ad601..a186623 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3505,6 +3505,10 @@ static int tls_decrypt_ticket(SSL *s, const unsigned 
char *etick,
     EVP_CIPHER_CTX ctx;
     SSL_CTX *tctx = s->initial_ctx;
 
+    /* Need at least keyname + iv */
+    if (eticklen < 16 + EVP_MAX_IV_LENGTH)
+        return 2;
+
     /* Initialize session ticket encryption and HMAC contexts */
     HMAC_CTX_init(&hctx);
     EVP_CIPHER_CTX_init(&ctx);
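Review bot: The new check "if (eticklen < 16 + EVP_MAX_IV_LENGTH)" uses a bare 16 for the key name length and a bare "return 2" for the result, and neither the added comment nor the hunk says what 2 tells the caller. Consider deriving the 16 from the size of the key name field or a named constant so the bound cannot drift from the field it protects, and extend the comment to state the meaning of the return code. Placing the check ahead of HMAC_CTX_init() and EVP_CIPHER_CTX_init() is right, since the early return then leaves no context to clean up. Note that the bound only covers key name plus IV; reads of anything after the IV still depend on length checks outside this hunk.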
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
