Check the message type requested is the type received in DTLS

dtls1_get_message has an |mt| variable which is the type of the message that is being requested. If it is negative then any message type is allowed. However the value of |mt| is not checked in one of the main code paths, so a peer can send a message of a completely different type and it will be processed as if it was the message type that we were expecting. This has very little practical consequences because the current behaviour will still fail when the format of the message isn't as expected. Reviewed-by: N Andy Polyakov <appro@openssl.org>

Check the message type requested is the type received in DTLS
dtls1_get_message has an |mt| variable which is the type of the message that is being requested. If it is negative then any message type is allowed. However the value of |mt| is not checked in one of the main code paths, so a peer can send a message of a completely different type and it will be processed as if it was the message type that we were expecting. This has very little practical consequences because the current behaviour will still fail when the format of the message isn't as expected. Reviewed-by: N Andy Polyakov <appro@openssl.org>
8c2b1d87 · Matt Caswell · 1c8a527c · 8c2b1d87
隐藏空白更改
内联并排

Showing with 6 addition and 0 deletion

ssl/d1_both.c ssl/d1_both.c +6 -0

未找到文件。
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -478,6 +478,12 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
        return i;
    }

+    if (mt >= 0 && s->s3->tmp.message_type != mt) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+        goto f_err;
+    }
+
    p = (unsigned char *)s->init_buf->data;
    msg_len = msg_hdr->msg_len;