From efd67e01a5471f9b0745018d7707b69876b070f6 Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Fri, 26 Oct 2018 15:29:15 +0100
Subject: [PATCH] Give a better error if an attempt is made to set a zero length groups list
Previously we indicated this as a malloc failure which isn't very helpful.
Reviewed-by: Kurt Roeckx
(Merged from https://github.com/openssl/openssl/pull/7479)
(cherry picked from commit 680bd131b69d57e891888ab70d300176a5a16617)
---
 doc/man3/SSL_CTX_set1_curves.pod | 3 +++
 ssl/t1_lib.c | 4 ++++
 2 files changed, 7 insertions(+)
diff --git a/doc/man3/SSL_CTX_set1_curves.pod b/doc/man3/SSL_CTX_set1_curves.pod
index a250f20c22..2757ccb91d 100644
--- a/doc/man3/SSL_CTX_set1_curves.pod
+++ b/doc/man3/SSL_CTX_set1_curves.pod
@@ -32,6 +32,9 @@ SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve
 =head1 DESCRIPTION
+For all of the functions below that set the supported groups there must be at
+least one group in the list.
+
 SSL_CTX_set1_groups() sets the supported groups for B to B groups in the array B. The array consist of all NIDs of groups in preference order. For a TLS client the groups are used directly in the
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 156497988a..b8b9fbda39 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -343,6 +343,10 @@ int tls1_set_groups(uint16_t **pext, size_t *pextlen,
 */
 unsigned long dup_list = 0;
+ if (ngroups == 0) {
+ SSLerr(SSL_F_TLS1_SET_GROUPS, SSL_R_BAD_LENGTH);
+ return 0;
+ }
 if ((glist = OPENSSL_malloc(ngroups * sizeof(*glist))) == NULL) {
 SSLerr(SSL_F_TLS1_SET_GROUPS, ERR_R_MALLOC_FAILURE);
 return 0;
-- GitLab
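Review bot: The new guard in tls1_set_groups() rejects only `ngroups == 0`, while the allocation on the next context line still computes `ngroups * sizeof(*glist)` with no upper bound, so an oversized count could wrap the size before it reaches OPENSSL_malloc(). Whether any caller can pass an unvalidated count is not visible here, but the length check could cover both ends, e.g. `if (ngroups == 0 || ngroups > SIZE_MAX / sizeof(*glist)) {`. A one-line comment above the guard such as `/* An empty list is a caller error, not an allocation failure */` would also record why it precedes the malloc. The body of tls1_set_groups() starts and ends outside this hunk.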