diff --git a/lib/libssl/d1_both.c b/lib/libssl/d1_both.c
index 534db59ee89..5c93af8bd91 100644
--- a/lib/libssl/d1_both.c
+++ b/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.32 2015/02/09 10:53:28 jsing Exp $ */
+/* $OpenBSD: d1_both.c,v 1.33 2015/07/18 23:00:23 doug Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -125,6 +125,7 @@
 #include
 #include "pqueue.h"
+#include "bytestring.h"
 #define RSMBLY_BITMASK_SIZE(msg_len) (((msg_len) + 7) / 8)
@@ -798,16 +799,15 @@ again:
 return i;
 }
 /* Handshake fails if message header is incomplete */
- if (i != DTLS1_HM_HEADER_LENGTH) {
+ if (i != DTLS1_HM_HEADER_LENGTH ||
+ /* parse the message fragment header */
+ dtls1_get_message_header(wire, &msg_hdr) == 0) {
 al = SSL_AD_UNEXPECTED_MESSAGE;
 SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_UNEXPECTED_MESSAGE);
 goto f_err;
 }
- /* parse the message fragment header */
- dtls1_get_message_header(wire, &msg_hdr);
-
 /*
 * if this is a future (or stale) message it gets buffered
 * (or dropped)--no further processing at this time
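Review bot: The new condition tests the parser with `== 0` while the d1_pkt.c hunk in this same commit tests the same function with `!`, and the `/* parse the message fragment header */` comment now sits in the middle of an `||` expression, where it is hard to read and easy to lose in a later edit. I would keep the comment above the `if` and write the condition as `if (i != DTLS1_HM_HEADER_LENGTH || !dtls1_get_message_header(wire, &msg_hdr)) {` so both call sites read the same way. The short-circuit order is right: the parser only runs once `i == DTLS1_HM_HEADER_LENGTH`, so `wire` is known to hold a full header at that point. The enclosing function (presumably dtls1_get_message_fragment, going by the SSLerr tag) starts and ends outside the hunk; the same hunk appears again for lib/libssl/src/ssl/d1_both.c.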
@@ -1372,16 +1372,36 @@ dtls1_guess_mtu(unsigned int curr_mtu)
 return curr_mtu;
 }
-void
+int
 dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
 {
- memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
- msg_hdr->type = *(data++);
- n2l3(data, msg_hdr->msg_len);
+ CBS header;
+ uint32_t msg_len, frag_off, frag_len;
+ uint16_t seq;
+ uint8_t type;
- n2s(data, msg_hdr->seq);
- n2l3(data, msg_hdr->frag_off);
- n2l3(data, msg_hdr->frag_len);
+ CBS_init(&header, data, sizeof(*msg_hdr));
+
+ memset(msg_hdr, 0, sizeof(*msg_hdr));
+
+ if (!CBS_get_u8(&header, &type))
+ return 0;
+ if (!CBS_get_u24(&header, &msg_len))
+ return 0;
+ if (!CBS_get_u16(&header, &seq))
+ return 0;
+ if (!CBS_get_u24(&header, &frag_off))
+ return 0;
+ if (!CBS_get_u24(&header, &frag_len))
+ return 0;
+
+ msg_hdr->type = type;
+ msg_hdr->msg_len = msg_len;
+ msg_hdr->seq = seq;
+ msg_hdr->frag_off = frag_off;
+ msg_hdr->frag_len = frag_len;
+
+ return 1;
 }
 void
diff --git a/lib/libssl/d1_pkt.c b/lib/libssl/d1_pkt.c
index 1ff664370b4..b26ff2cec23 100644
--- a/lib/libssl/d1_pkt.c
+++ b/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.44 2015/07/18 22:36:55 doug Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.45 2015/07/18 23:00:23 doug Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -1018,7 +1018,8 @@ start:
 struct hm_header_st msg_hdr;
 /* this may just be a stale retransmit */
- dtls1_get_message_header(rr->data, &msg_hdr);
+ if (!dtls1_get_message_header(rr->data, &msg_hdr))
+ return -1;
 if (rr->epoch != s->d1->r_epoch) {
 rr->length = 0;
 goto start;
diff --git a/lib/libssl/src/ssl/d1_both.c b/lib/libssl/src/ssl/d1_both.c
index 534db59ee89..5c93af8bd91 100644
--- a/lib/libssl/src/ssl/d1_both.c
+++ b/lib/libssl/src/ssl/d1_both.c
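Review bot: `CBS_init(&header, data, sizeof(*msg_hdr))` bounds the parser by the in-memory size of `struct hm_header_st`, not by the number of bytes actually behind `data`; that struct holds at least the five fields being filled in (three of them from `uint32_t` values) and is presumably larger than the 12-byte wire header, so the five reads (u8 + u24 + u16 + u24 + u24 = 12 bytes) will always pass the CBS bounds checks, and the function still depends on every caller having verified that DTLS1_HM_HEADER_LENGTH bytes are readable. The bound should name the wire length instead, `CBS_init(&header, data, DTLS1_HM_HEADER_LENGTH);`, so the CBS length and the bytes consumed describe the same thing. A comment above the function stating that `data` must point at at least DTLS1_HM_HEADER_LENGTH bytes and that 0 is returned when the header cannot be parsed would make that contract explicit. Since CBS only reads through it, `data` could also become `const unsigned char *`, with the prototype in ssl_locl.h updated to match; the same body appears again in lib/libssl/src/ssl/d1_both.c.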
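Review bot: The new failure path is a bare `return -1;` with no SSLerr() and no alert, whereas the matching d1_both.c hunk in this commit sets `al = SSL_AD_UNEXPECTED_MESSAGE`, queues an error and jumps to `f_err`; if dtls1_read_bytes has such a label (the function starts and ends outside this hunk), the failure should go through it so the peer and the caller both learn why the record was rejected. Nothing in the hunk checks that `rr->length` is at least DTLS1_HM_HEADER_LENGTH before `rr->data` is handed to the parser, and because the parser bounds itself by `sizeof(*msg_hdr)` rather than by the record, this new check cannot catch a short handshake record on its own; if no such length check exists above the hunk, `if (rr->length < DTLS1_HM_HEADER_LENGTH || !dtls1_get_message_header(rr->data, &msg_hdr))` would close that gap. The same hunk appears again for lib/libssl/src/ssl/d1_pkt.c.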
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.32 2015/02/09 10:53:28 jsing Exp $ */
+/* $OpenBSD: d1_both.c,v 1.33 2015/07/18 23:00:23 doug Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -125,6 +125,7 @@
 #include
 #include "pqueue.h"
+#include "bytestring.h"
 #define RSMBLY_BITMASK_SIZE(msg_len) (((msg_len) + 7) / 8)
@@ -798,16 +799,15 @@ again:
 return i;
 }
 /* Handshake fails if message header is incomplete */
- if (i != DTLS1_HM_HEADER_LENGTH) {
+ if (i != DTLS1_HM_HEADER_LENGTH ||
+ /* parse the message fragment header */
+ dtls1_get_message_header(wire, &msg_hdr) == 0) {
 al = SSL_AD_UNEXPECTED_MESSAGE;
 SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_UNEXPECTED_MESSAGE);
 goto f_err;
 }
- /* parse the message fragment header */
- dtls1_get_message_header(wire, &msg_hdr);
-
 /*
 * if this is a future (or stale) message it gets buffered
 * (or dropped)--no further processing at this time
@@ -1372,16 +1372,36 @@ dtls1_guess_mtu(unsigned int curr_mtu)
 return curr_mtu;
 }
-void
+int
 dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
 {
- memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
- msg_hdr->type = *(data++);
- n2l3(data, msg_hdr->msg_len);
+ CBS header;
+ uint32_t msg_len, frag_off, frag_len;
+ uint16_t seq;
+ uint8_t type;
- n2s(data, msg_hdr->seq);
- n2l3(data, msg_hdr->frag_off);
- n2l3(data, msg_hdr->frag_len);
+ CBS_init(&header, data, sizeof(*msg_hdr));
+
+ memset(msg_hdr, 0, sizeof(*msg_hdr));
+
+ if (!CBS_get_u8(&header, &type))
+ return 0;
+ if (!CBS_get_u24(&header, &msg_len))
+ return 0;
+ if (!CBS_get_u16(&header, &seq))
+ return 0;
+ if (!CBS_get_u24(&header, &frag_off))
+ return 0;
+ if (!CBS_get_u24(&header, &frag_len))
+ return 0;
+
+ msg_hdr->type = type;
+ msg_hdr->msg_len = msg_len;
+ msg_hdr->seq = seq;
+ msg_hdr->frag_off = frag_off;
+ msg_hdr->frag_len = frag_len;
+
+ return 1;
 }
 void
diff --git a/lib/libssl/src/ssl/d1_pkt.c b/lib/libssl/src/ssl/d1_pkt.c
index 1ff664370b4..b26ff2cec23 100644
--- a/lib/libssl/src/ssl/d1_pkt.c
+++ b/lib/libssl/src/ssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.44 2015/07/18 22:36:55 doug Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.45 2015/07/18 23:00:23 doug Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -1018,7 +1018,8 @@ start:
 struct hm_header_st msg_hdr;
 /* this may just be a stale retransmit */
- dtls1_get_message_header(rr->data, &msg_hdr);
+ if (!dtls1_get_message_header(rr->data, &msg_hdr))
+ return -1;
 if (rr->epoch != s->d1->r_epoch) {
 rr->length = 0;
 goto start;
diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h
index 3256354463d..ba8fc799645 100644
--- a/lib/libssl/src/ssl/ssl_locl.h
+++ b/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.96 2015/07/17 17:36:24 doug Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.97 2015/07/18 23:00:23 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -694,7 +694,7 @@ int dtls1_retransmit_message(SSL *s, unsigned short seq,
 int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
 int dtls1_retransmit_buffered_messages(SSL *s);
 void dtls1_clear_record_buffer(SSL *s);
-void dtls1_get_message_header(unsigned char *data,
+int dtls1_get_message_header(unsigned char *data,
 struct hm_header_st *msg_hdr);
 void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
 void dtls1_reset_seq_numbers(SSL *s, int rw);
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 3256354463d..ba8fc799645 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.96 2015/07/17 17:36:24 doug Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.97 2015/07/18 23:00:23 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
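Review bot: The prototype now returns `int` but nothing in the header says what that value means, and the header is the only place a caller in another file sees the contract. A short comment above the declaration stating that the function returns 1 on success and 0 when the header could not be parsed, and that `data` must point at DTLS1_HM_HEADER_LENGTH readable bytes, would be worth adding here. The same prototype change appears for lib/libssl/ssl_locl.h in the next hunk.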
@@ -694,7 +694,7 @@ int dtls1_retransmit_message(SSL *s, unsigned short seq,
 int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
 int dtls1_retransmit_buffered_messages(SSL *s);
 void dtls1_clear_record_buffer(SSL *s);
-void dtls1_get_message_header(unsigned char *data,
+int dtls1_get_message_header(unsigned char *data,
 struct hm_header_st *msg_hdr);
 void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
 void dtls1_reset_seq_numbers(SSL *s, int rw);