openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

Use safe pattern for buffer size determining in case of GOST key exchange 

Related: CVE-2022-29242

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18381)
This commit is contained in:
Dmitry Belyavskiy 2022-05-22 18:00:29 +02:00
parent dc0ef292f7
commit 2b5e89992e
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
ssl/statem/statem_clnt.c
View File

@ -3156,7 +3156,8 @@ static int tls_construct_cke_gost18(SSL *s, WPACKET *pkt)
{
#ifndef OPENSSL_NO_GOST
/* GOST 2018 key exchange message creation */
unsigned char rnd_dgst[32], tmp[255];
unsigned char rnd_dgst[32];
unsigned char *encdata = NULL;
EVP_PKEY_CTX *pkey_ctx = NULL;
X509 *peer_cert;
unsigned char *pms = NULL;
@ -3221,18 +3222,19 @@ static int tls_construct_cke_gost18(SSL *s, WPACKET *pkt)
goto err;
}
msglen = 255;
if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, pms, pmslen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
if (EVP_PKEY_encrypt(pkey_ctx, NULL, &msglen, pms, pmslen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
goto err;
}
if (!WPACKET_memcpy(pkt, tmp, msglen)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
if (!WPACKET_allocate_bytes(pkt, msglen, &encdata)
|| EVP_PKEY_encrypt(pkey_ctx, encdata, &msglen, pms, pmslen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
goto err;
}
EVP_PKEY_CTX_free(pkey_ctx);
pkey_ctx = NULL;
s->s3.tmp.pms = pms;
s->s3.tmp.pmslen = pmslen;