@@ -716,6 +716,8 @@ int IsDtlsNotSrtpMode(WOLFSSL* ssl)
716716 static void* myAlloc(void* opaque, unsigned int item, unsigned int size)
717717 {
718718 (void)opaque;
719+ if (item != 0 && size > ((unsigned int)-1) / item)
720+ return NULL;
719721 return (void *)XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
720722 }
721723
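Review bot: The overflow guard spells UINT_MAX by hand as `((unsigned int)-1)`; since the same commit uses `INT_MAX` from `<limits.h>` in EdDSA_Update, `if (item != 0 && size > UINT_MAX / item)` is the clearer, conventional form and says what is meant. The arithmetic itself is right for the `unsigned int` product handed to XMALLOC: any `size` above `UINT_MAX / item` makes `item * size` wrap.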
@@ -1094,7 +1096,16 @@ static int ImportCipherSpecState(WOLFSSL* ssl, const byte* exp, word32 len,
10941096
10951097 if (type == WOLFSSL_EXPORT_TLS &&
10961098 ssl->specs.bulk_cipher_algorithm == wolfssl_aes) {
1097- byte *pt = (byte*)ssl->encrypt.aes->reg;
1099+ byte *pt;
1100+ if ((idx + 2 * WC_AES_BLOCK_SIZE) > len) {
1101+ WOLFSSL_MSG("Buffer not large enough for AES state import");
1102+ return BUFFER_E;
1103+ }
1104+ if (ssl->encrypt.aes == NULL || ssl->decrypt.aes == NULL) {
1105+ WOLFSSL_MSG("AES cipher objects not allocated for import");
1106+ return BAD_STATE_E;
1107+ }
1108+ pt = (byte*)ssl->encrypt.aes->reg;
10981109 XMEMCPY(pt, exp + idx, WC_AES_BLOCK_SIZE);
10991110 idx += WC_AES_BLOCK_SIZE;
11001111
@@ -9376,13 +9387,13 @@ void FreeSSL(WOLFSSL* ssl, void* heap)
93769387{
93779388 WOLFSSL_CTX* ctx = ssl->ctx;
93789389 wolfSSL_ResourceFree(ssl);
9390+ #ifdef WOLFSSL_CHECK_MEM_ZERO
9391+ wc_MemZero_Check(ssl, sizeof(*ssl));
9392+ #endif
93799393 XFREE(ssl, heap, DYNAMIC_TYPE_SSL);
93809394 if (ctx)
93819395 FreeSSL_Ctx(ctx); /* will decrement and free underlying CTX if 0 */
93829396 (void)heap;
9383- #ifdef WOLFSSL_CHECK_MEM_ZERO
9384- wc_MemZero_Check(ssl, sizeof(*ssl));
9385- #endif
93869397}
93879398
93889399#if !defined(NO_OLD_TLS) || defined(WOLFSSL_DTLS) || \
@@ -9973,7 +9984,10 @@ void DtlsMsgStore(WOLFSSL* ssl, word16 epoch, word32 seq, const byte* data,
99739984 }
99749985 else {
99759986 head = DtlsMsgNew(dataSz, 0, heap);
9976- if (DtlsMsgSet(head, seq, epoch, data, type, fragOffset,
9987+ if (head == NULL) {
9988+ /* allocation failed; drop the message silently */
9989+ }
9990+ else if (DtlsMsgSet(head, seq, epoch, data, type, fragOffset,
99779991 fragSz, heap, dataSz, encrypted) < 0) {
99789992 DtlsMsgDelete(head, heap);
99799993 head = NULL;
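Review bot: The new `head == NULL` branch is an empty body holding only a comment, and the allocation failure is dropped without a log entry, unlike the other new guards in this commit which report through WOLFSSL_MSG before bailing out. Give the branch a body, `WOLFSSL_MSG("DtlsMsgNew failed, dropping message");`, so an out-of-memory drop is observable in debug logs rather than looking like a lost datagram. DtlsMsgStore continues outside the hunk.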
@@ -10623,6 +10637,9 @@ static int EdDSA_Update(WOLFSSL* ssl, const byte* data, int sz)
1062310637 byte* msgs;
1062410638
1062510639 if (ssl->options.cacheMessages) {
10640+ if (sz < 0 || ssl->hsHashes->length < 0 ||
10641+ ssl->hsHashes->length > INT_MAX - sz)
10642+ return BUFFER_ERROR;
1062610643 msgs = (byte*)XMALLOC(ssl->hsHashes->length + sz, ssl->heap,
1062710644 DYNAMIC_TYPE_HASHES);
1062810645 if (msgs == NULL)
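Review bot: The `ssl->hsHashes->length < 0` clause is only meaningful if `length` is a signed type; if it is an unsigned word, the comparison is always false and compilers flag it under -Wtype-limits, while the `> INT_MAX - sz` clause is the one doing the real work. Confirm the field's declared type and drop the `< 0` test if it is unsigned, keeping `if (sz < 0 || ssl->hsHashes->length > INT_MAX - sz)`. EdDSA_Update's body continues outside the hunk.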
@@ -10776,6 +10793,9 @@ int HashOutput(WOLFSSL* ssl, const byte* output, int sz, int ivSz)
1077610793 }
1077710794#endif
1077810795
10796+ if (sz < 0)
10797+ return BUFFER_ERROR;
10798+
1077910799 return HashRaw(ssl, adj, sz);
1078010800}
1078110801
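Review bot: The `sz < 0` guard is placed immediately before the HashRaw call, after the rest of HashOutput's body (outside the hunk) has already run; if that earlier code derives `adj` or adjusts `sz` from `ivSz`, a negative length has been used before it is rejected. Moving `if (sz < 0) return BUFFER_ERROR;` to the top of the function, ahead of any arithmetic on `sz`, makes every later use see a validated value. HashOutput starts outside the hunk.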
@@ -17127,6 +17147,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
1712717147 else {
1712817148 ssl->peerEd25519KeyPresent = 1;
1712917149 #ifdef HAVE_PK_CALLBACKS
17150+ XFREE(ssl->buffers.peerEd25519Key.buffer,
17151+ ssl->heap, DYNAMIC_TYPE_ED25519);
1713017152 ssl->buffers.peerEd25519Key.buffer =
1713117153 (byte*)XMALLOC(args->dCert->pubKeySize,
1713217154 ssl->heap, DYNAMIC_TYPE_ED25519);
@@ -17182,6 +17204,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
1718217204 else {
1718317205 ssl->peerEd448KeyPresent = 1;
1718417206 #ifdef HAVE_PK_CALLBACKS
17207+ XFREE(ssl->buffers.peerEd448Key.buffer,
17208+ ssl->heap, DYNAMIC_TYPE_ED448);
1718517209 ssl->buffers.peerEd448Key.buffer =
1718617210 (byte*)XMALLOC(args->dCert->pubKeySize,
1718717211 ssl->heap, DYNAMIC_TYPE_ED448);
@@ -17629,9 +17653,9 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
1762917653
1763017654 ssl->status_request_v2 = 0;
1763117655
17632- WC_FREE_VAR_EX(status, NULL , DYNAMIC_TYPE_OCSP_STATUS);
17633- WC_FREE_VAR_EX(single, NULL , DYNAMIC_TYPE_OCSP_ENTRY);
17634- WC_FREE_VAR_EX(response, NULL , DYNAMIC_TYPE_OCSP_REQUEST);
17656+ WC_FREE_VAR_EX(status, ssl->heap , DYNAMIC_TYPE_OCSP_STATUS);
17657+ WC_FREE_VAR_EX(single, ssl->heap , DYNAMIC_TYPE_OCSP_ENTRY);
17658+ WC_FREE_VAR_EX(response, ssl->heap , DYNAMIC_TYPE_OCSP_REQUEST);
1763517659
1763617660 }
1763717661 break;
@@ -26214,8 +26238,6 @@ int SendAsyncData(WOLFSSL* ssl)
2621426238 */
2621526239static int ssl_in_handshake(WOLFSSL *ssl, int sending_data)
2621626240{
26217- int SendAsyncData = 1;
26218- (void)SendAsyncData;
2621926241 if (IsSCR(ssl)) {
2622026242 if (sending_data) {
2622126243 /* allow sending data in SCR */
@@ -29194,7 +29216,10 @@ static int ParseCipherList(Suites* suites,
2919429216 /* Restore user ciphers ahead of defaults */
2919529217 XMEMMOVE(suites->suites + idx, suites->suites,
2919629218 min(suites->suiteSz, WOLFSSL_MAX_SUITE_SZ-idx));
29197- suites->suiteSz += (word16)idx;
29219+ if ((word32)suites->suiteSz + idx > WOLFSSL_MAX_SUITE_SZ)
29220+ suites->suiteSz = WOLFSSL_MAX_SUITE_SZ;
29221+ else
29222+ suites->suiteSz += (word16)idx;
2919829223 }
2919929224 else
2920029225 #endif
@@ -35034,6 +35059,9 @@ int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
3503435059{
3503535060 word32 sessIdLen = ID_LEN;
3503635061
35062+ if (length > WOLFSSL_MAX_16BIT)
35063+ return BUFFER_ERROR;
35064+
3503735065 if (!HaveUniqueSessionObj(ssl))
3503835066 return MEMORY_ERROR;
3503935067
@@ -35812,6 +35840,8 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
3581235840 args->output[args->idx++] = SetCurveId(ssl->eccTempKey);
3581335841 #endif
3581435842 }
35843+ if (args->exportSz > WOLFSSL_MAX_8BIT)
35844+ return BUFFER_ERROR;
3581535845 args->output[args->idx++] = (byte)args->exportSz;
3581635846 XMEMCPY(args->output + args->idx, args->exportBuf, args->exportSz);
3581735847 return 0;
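Review bot: The `args->exportSz > WOLFSSL_MAX_8BIT` check runs after the curve id byte has already been stored through `args->output[args->idx++]` in the preprocessor block just above, so a rejected call returns with `args->idx` advanced past a partially written record. Placing the check before the first write to `args->output` leaves the buffer untouched on the error path. The enclosing function starts and ends outside the hunk.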
@@ -35924,6 +35954,10 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
3592435954
3592535955 static int SKE_AddDhPub(Buffers* buffers, byte* output, int idx)
3592635956 { /* add p, g, pub */
35957+ if (buffers->serverDH_P.length > WOLFSSL_MAX_16BIT ||
35958+ buffers->serverDH_G.length > WOLFSSL_MAX_16BIT ||
35959+ buffers->serverDH_Pub.length > WOLFSSL_MAX_16BIT)
35960+ return BUFFER_ERROR;
3592735961 c16toa((word16)buffers->serverDH_P.length, output + idx);
3592835962 idx += LENGTH_SZ;
3592935963 XMEMCPY(output + idx, buffers->serverDH_P.buffer,
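Review bot: SKE_AddDhPub now has two return meanings, the advanced `idx` on success and a negative BUFFER_ERROR on failure, but its only documentation is the inline `/* add p, g, pub */`, so a future caller can easily assign the result straight to an index as the pre-change call sites did. Replace that comment with a header comment stating the contract: `/* Append p, g and pub, each with a 16-bit length prefix, to output at idx. Returns the new idx, or BUFFER_ERROR if any length exceeds WOLFSSL_MAX_16BIT. */`. The function body continues outside the hunk.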
@@ -36390,8 +36424,12 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
3639036424 AddHeaders(args->output, args->length,
3639136425 server_key_exchange, ssl);
3639236426 AddServerHint(ssl, args, hintLen);
36393- args->idx = SKE_AddDhPub(&ssl->buffers, args->output,
36394- args->idx);
36427+ ret = SKE_AddDhPub(&ssl->buffers, args->output,
36428+ args->idx);
36429+ if (ret < 0)
36430+ goto exit_sske;
36431+ args->idx = ret;
36432+ ret = 0;
3639536433 break;
3639636434 }
3639736435 #endif /* !defined(NO_DH) && !defined(NO_PSK) */
@@ -36577,8 +36615,12 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
3657736615 CHECK_RET(ret, AllocArgsInput(ssl, args), exit_sske);
3657836616 AddHeaders(args->output, args->length,
3657936617 server_key_exchange, ssl);
36580- args->idx = SKE_AddDhPub(&ssl->buffers, args->output,
36581- args->idx);
36618+ ret = SKE_AddDhPub(&ssl->buffers, args->output,
36619+ args->idx);
36620+ if (ret < 0)
36621+ goto exit_sske;
36622+ args->idx = ret;
36623+ ret = 0;
3658236624
3658336625 #ifdef HAVE_FUZZER
3658436626 if (ssl->fuzzerCb) {
@@ -36971,8 +37013,9 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
3697137013 switch (ssl->options.sigAlgo)
3697237014 {
3697337015 #ifndef NO_RSA
36974- #ifndef WC_RSA_PSS
37016+ #ifdef WC_RSA_PSS
3697537017 case rsa_pss_sa_algo:
37018+ case rsa_pss_pss_algo:
3697637019 #endif
3697737020 case rsa_sa_algo:
3697837021 {
@@ -37499,7 +37542,6 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
3749937542 Suites clSuites;
3750037543 int ret = -1;
3750137544
37502- (void)inSz;
3750337545 WOLFSSL_MSG("Got old format client hello");
3750437546#ifdef WOLFSSL_CALLBACKS
3750537547 if (ssl->hsInfoOn)
@@ -37587,6 +37629,11 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
3758737629 TRUE, TRUE, TRUE, TRUE, ssl->options.side);
3758837630 }
3758937631
37632+ /* Need at least 3 * OPAQUE16_LEN bytes for suiteSz/sessionSz/randomSz
37633+ * headers before reading the per-field bodies. */
37634+ if (idx + 3 * OPAQUE16_LEN > inSz)
37635+ return BUFFER_ERROR;
37636+
3759037637 /* suite size */
3759137638 ato16(&input[idx], &clSuites.suiteSz);
3759237639 idx += OPAQUE16_LEN;
@@ -37612,6 +37659,11 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
3761237659 if (randomSz > RAN_LEN)
3761337660 return BUFFER_ERROR;
3761437661
37662+ /* Cumulative bounds check against actual input buffer length. */
37663+ if ((word32)clSuites.suiteSz + (word32)sessionSz + (word32)randomSz
37664+ > inSz - idx)
37665+ return BUFFER_ERROR;
37666+
3761537667 /* suites */
3761637668 for (i = 0, j = 0; i < clSuites.suiteSz; i += 3) {
3761737669 byte first = input[idx++];
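Review bot: The cumulative check bounds the suite section by `clSuites.suiteSz`, but the loop below advances `i` by 3 while consuming bytes through `input[idx++]`, so a `suiteSz` that is not a multiple of 3 reads up to two bytes past the region the check accounts for. Unless a `suiteSz % 3` check exists outside the hunk, add `if (clSuites.suiteSz % 3 != 0) return BUFFER_ERROR;` ahead of the cumulative check. The loop body and the enclosing function continue outside the hunk.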
@@ -39658,6 +39710,8 @@ static int AddPSKtoPreMasterSecret(WOLFSSL* ssl)
3965839710#endif
3965939711
3966039712 if (!IsAtLeastTLSv1_3(ssl->version)) {
39713+ if (ssl->arrays == NULL)
39714+ return;
3966139715 XMEMCPY(ssl->arrays->masterSecret, it->msecret, SECRET_LEN);
3966239716 /* Copy the haveExtendedMasterSecret property from the ticket to
3966339717 * the saved session, so the property may be checked later. */
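Review bot: The new `ssl->arrays == NULL` early return leaves the master secret uncopied with no trace, whereas the other new guards in this commit report through WOLFSSL_MSG before bailing out. Add `WOLFSSL_MSG("ssl->arrays is NULL, cannot restore master secret from ticket");` before the `return;` so the skipped copy is visible in debug logs. The enclosing function starts and ends outside the hunk.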