mirror of https://github.com/openssl/openssl
Use safe pattern for buffer size determining in case of GOST key exchange
Related: CVE-2022-29242 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18381)
This commit is contained in:
parent
dc0ef292f7
commit
2b5e89992e
|
@ -3156,7 +3156,8 @@ static int tls_construct_cke_gost18(SSL *s, WPACKET *pkt)
|
|||
{
|
||||
#ifndef OPENSSL_NO_GOST
|
||||
/* GOST 2018 key exchange message creation */
|
||||
unsigned char rnd_dgst[32], tmp[255];
|
||||
unsigned char rnd_dgst[32];
|
||||
unsigned char *encdata = NULL;
|
||||
EVP_PKEY_CTX *pkey_ctx = NULL;
|
||||
X509 *peer_cert;
|
||||
unsigned char *pms = NULL;
|
||||
|
@ -3221,18 +3222,19 @@ static int tls_construct_cke_gost18(SSL *s, WPACKET *pkt)
|
|||
goto err;
|
||||
}
|
||||
|
||||
msglen = 255;
|
||||
if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, pms, pmslen) <= 0) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG);
|
||||
if (EVP_PKEY_encrypt(pkey_ctx, NULL, &msglen, pms, pmslen) <= 0) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (!WPACKET_memcpy(pkt, tmp, msglen)) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
|
||||
if (!WPACKET_allocate_bytes(pkt, msglen, &encdata)
|
||||
|| EVP_PKEY_encrypt(pkey_ctx, encdata, &msglen, pms, pmslen) <= 0) {
|
||||
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB);
|
||||
goto err;
|
||||
}
|
||||
|
||||
EVP_PKEY_CTX_free(pkey_ctx);
|
||||
pkey_ctx = NULL;
|
||||
s->s3.tmp.pms = pms;
|
||||
s->s3.tmp.pmslen = pmslen;
|
||||
|
||||
|
|
Loading…
Reference in New Issue