Handle the unlikely event that BIO_get_mem_data() returns -ve.

6ba71a71 · Ben Laurie · 4ded7b44 · 6ba71a71 · 6ba71a71 · 6ba71a71
7 changed file
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -871,7 +871,8 @@ int ssl3_get_server_hello(SSL *s)
 			}
 		}
 	s->s3->tmp.new_cipher=c;
-	ssl3_digest_cached_records(s);
+	if (!ssl3_digest_cached_records(s))
+		goto f_err;

 	/* lets get the compression algorithm */
 	/* COMPRESSION */

--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -580,37 +580,47 @@ void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
 			}
 		}	
 	}
-void ssl3_digest_cached_records(SSL *s)
+
+int ssl3_digest_cached_records(SSL *s)
 	{
-		int i;
-		long mask;
-		const EVP_MD *md;
-		long hdatalen;
-		void *hdata;
-		/* Allocate handshake_dgst array */
-		ssl3_free_digest_list(s);
-		s->s3->handshake_dgst = OPENSSL_malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
-		memset(s->s3->handshake_dgst,0,SSL_MAX_DIGEST *sizeof(EVP_MD_CTX *));
-		hdatalen = BIO_get_mem_data(s->s3->handshake_buffer,&hdata);
-		/* Loop through bitso of algorithm2 field and create MD_CTX-es */
-		for (i=0;ssl_get_handshake_digest(i,&mask,&md); i++) 
+	int i;
+	long mask;
+	const EVP_MD *md;
+	long hdatalen;
+	void *hdata;
+
+	/* Allocate handshake_dgst array */
+	ssl3_free_digest_list(s);
+	s->s3->handshake_dgst = OPENSSL_malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
+	memset(s->s3->handshake_dgst,0,SSL_MAX_DIGEST *sizeof(EVP_MD_CTX *));
+	hdatalen = BIO_get_mem_data(s->s3->handshake_buffer,&hdata);
+	if (hdatalen <= 0)
+		{
+		SSLerr(SSL_F_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH);
+		return 0;
+		}
+
+	/* Loop through bitso of algorithm2 field and create MD_CTX-es */
+	for (i=0;ssl_get_handshake_digest(i,&mask,&md); i++) 
+		{
+		if ((mask & s->s3->tmp.new_cipher->algorithm2) && md) 
 			{
-				if ((mask & s->s3->tmp.new_cipher->algorithm2) && md) 
-				{
-					s->s3->handshake_dgst[i]=EVP_MD_CTX_create();
-					EVP_DigestInit_ex(s->s3->handshake_dgst[i],md,NULL);
-					EVP_DigestUpdate(s->s3->handshake_dgst[i],hdata,hdatalen);
-				} 
-				else 
-				{	
-					s->s3->handshake_dgst[i]=NULL;
-				}
+			s->s3->handshake_dgst[i]=EVP_MD_CTX_create();
+			EVP_DigestInit_ex(s->s3->handshake_dgst[i],md,NULL);
+			EVP_DigestUpdate(s->s3->handshake_dgst[i],hdata,hdatalen);
+			} 
+		else 
+			{	
+			s->s3->handshake_dgst[i]=NULL;
 			}
-		/* Free handshake_buffer BIO */
-		BIO_free(s->s3->handshake_buffer);
-		s->s3->handshake_buffer = NULL;
+		}
+	/* Free handshake_buffer BIO */
+	BIO_free(s->s3->handshake_buffer);
+	s->s3->handshake_buffer = NULL;

+	return 1;
 	}
+
 int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p)
 	{
 	return(ssl3_handshake_mac(s,md_nid,NULL,0,p));
@@ -632,8 +642,10 @@ static int ssl3_handshake_mac(SSL *s, int md_nid,
 	unsigned int i;
 	unsigned char md_buf[EVP_MAX_MD_SIZE];
 	EVP_MD_CTX ctx,*d=NULL;
+
 	if (s->s3->handshake_buffer) 
-		ssl3_digest_cached_records(s);
+		if (!ssl3_digest_cached_records(s))
+			return 0;

 	/* Search for djgest of specified type  in the handshake_dgst
 	 * array*/

--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -531,7 +531,8 @@ int ssl3_accept(SSL *s)
 				 * should be generalized. But it is next step
 				 */
 				if (s->s3->handshake_buffer)
-					ssl3_digest_cached_records(s);
+					if (!ssl3_digest_cached_records(s))
+						return -1;
 				for (dgst_num=0; dgst_num<SSL_MAX_DIGEST;dgst_num++)	
 					if (s->s3->handshake_dgst[dgst_num]) 
 						{
@@ -1158,7 +1159,8 @@ int ssl3_get_client_hello(SSL *s)
 		s->s3->tmp.new_cipher=s->session->cipher;
 		}

-	ssl3_digest_cached_records(s);
+	if (!ssl3_digest_cached_records(s))
+		goto f_err;
 	
 	/* we now have the following setup. 
 	 * client_random

--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1784,6 +1784,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_CLIENT_HELLO				 101
 #define SSL_F_CLIENT_MASTER_KEY				 102
 #define SSL_F_D2I_SSL_SESSION				 103
+#define SSL_F_DIGEST_CACHED_RECORDS			 293
 #define SSL_F_DO_DTLS1_WRITE				 245
 #define SSL_F_DO_SSL3_WRITE				 104
 #define SSL_F_DTLS1_ACCEPT				 246
@@ -1945,6 +1946,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_SSL_SET_RFD				 194
 #define SSL_F_SSL_SET_SESSION				 195
 #define SSL_F_SSL_SET_SESSION_ID_CONTEXT		 218
+#define SSL_F_SSL_SET_SESSION_TICKET_EXT		 294
 #define SSL_F_SSL_SET_TRUST				 228
 #define SSL_F_SSL_SET_WFD				 196
 #define SSL_F_SSL_SHUTDOWN				 224
@@ -1972,7 +1974,6 @@ void ERR_load_SSL_strings(void);
 #define SSL_F_TLS1_PRF					 284
 #define SSL_F_TLS1_SETUP_KEY_BLOCK			 211
 #define SSL_F_WRITE_PENDING				 212
-#define SSL_F_SSL_SET_SESSION_TICKET_EXT		 213

 /* Reason codes. */
 #define SSL_R_APP_DATA_IN_HANDSHAKE			 100
@@ -1991,6 +1992,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_BAD_ECC_CERT				 304
 #define SSL_R_BAD_ECDSA_SIGNATURE			 305
 #define SSL_R_BAD_ECPOINT				 306
+#define SSL_R_BAD_HANDSHAKE_LENGTH			 332
 #define SSL_R_BAD_HELLO_REQUEST				 105
 #define SSL_R_BAD_LENGTH				 271
 #define SSL_R_BAD_MAC_DECODE				 113

--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -75,6 +75,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_FUNC(SSL_F_CLIENT_HELLO),	"CLIENT_HELLO"},
 {ERR_FUNC(SSL_F_CLIENT_MASTER_KEY),	"CLIENT_MASTER_KEY"},
 {ERR_FUNC(SSL_F_D2I_SSL_SESSION),	"d2i_SSL_SESSION"},
+{ERR_FUNC(SSL_F_DIGEST_CACHED_RECORDS),	"DIGEST_CACHED_RECORDS"},
 {ERR_FUNC(SSL_F_DO_DTLS1_WRITE),	"DO_DTLS1_WRITE"},
 {ERR_FUNC(SSL_F_DO_SSL3_WRITE),	"DO_SSL3_WRITE"},
 {ERR_FUNC(SSL_F_DTLS1_ACCEPT),	"DTLS1_ACCEPT"},
@@ -236,6 +237,7 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_FUNC(SSL_F_SSL_SET_RFD),	"SSL_set_rfd"},
 {ERR_FUNC(SSL_F_SSL_SET_SESSION),	"SSL_set_session"},
 {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),	"SSL_set_session_id_context"},
+{ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),	"SSL_set_session_ticket_ext"},
 {ERR_FUNC(SSL_F_SSL_SET_TRUST),	"SSL_set_trust"},
 {ERR_FUNC(SSL_F_SSL_SET_WFD),	"SSL_set_wfd"},
 {ERR_FUNC(SSL_F_SSL_SHUTDOWN),	"SSL_shutdown"},
@@ -263,7 +265,6 @@ static ERR_STRING_DATA SSL_str_functs[]=
 {ERR_FUNC(SSL_F_TLS1_PRF),	"tls1_prf"},
 {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK),	"TLS1_SETUP_KEY_BLOCK"},
 {ERR_FUNC(SSL_F_WRITE_PENDING),	"WRITE_PENDING"},
-{ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT), "SSL_set_session_ticket_ext"},
 {0,NULL}
 	};

@@ -285,6 +286,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {ERR_REASON(SSL_R_BAD_ECC_CERT)          ,"bad ecc cert"},
 {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE)   ,"bad ecdsa signature"},
 {ERR_REASON(SSL_R_BAD_ECPOINT)           ,"bad ecpoint"},
+{ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH)  ,"bad handshake length"},
 {ERR_REASON(SSL_R_BAD_HELLO_REQUEST)     ,"bad hello request"},
 {ERR_REASON(SSL_R_BAD_LENGTH)            ,"bad length"},
 {ERR_REASON(SSL_R_BAD_MAC_DECODE)        ,"bad mac decode"},

--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -880,7 +880,7 @@ int	ssl3_setup_read_buffer(SSL *s);
 int	ssl3_setup_write_buffer(SSL *s);
 int	ssl3_release_read_buffer(SSL *s);
 int	ssl3_release_write_buffer(SSL *s);
-void ssl3_digest_cached_records(SSL *s);
+int	ssl3_digest_cached_records(SSL *s);
 int	ssl3_new(SSL *s);
 void	ssl3_free(SSL *s);
 int	ssl3_accept(SSL *s);

--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -749,7 +749,9 @@ int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
 	int i;

 	if (s->s3->handshake_buffer) 
-		ssl3_digest_cached_records(s);
+		if (!ssl3_digest_cached_records(s))
+			return 0;
+
 	for (i=0;i<SSL_MAX_DIGEST;i++) 
 		{
 		  if (s->s3->handshake_dgst[i]&&EVP_MD_CTX_type(s->s3->handshake_dgst[i])==md_nid) 
@@ -784,10 +786,11 @@ int tls1_final_finish_mac(SSL *s,

 	q=buf;

-	EVP_MD_CTX_init(&ctx);
-
 	if (s->s3->handshake_buffer) 
-		ssl3_digest_cached_records(s);
+		if (!ssl3_digest_cached_records(s))
+			return 0;
+
+	EVP_MD_CTX_init(&ctx);

 	for (idx=0;ssl_get_handshake_digest(idx,&mask,&md);idx++)
 		{