Import s2_pkt.c wbuf fixes from OpenSSL_0_9_6-stable branch.
diff --git a/CHANGES b/CHANGES
index 419823b..fecbe65 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,11 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
+ *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).
+ Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits
+ when writing a 32767 byte record.
+ [Bodo Moeller; problem reported by Eric Day <eday@concentric.net>]
+
*) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c),
obtain lock CRYPTO_LOCK_RSA before creating BN_MONT_CTX
structures and setting rsa->_method_mod_{n,p,q}.
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index a6f4db3..52a2b27 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -273,10 +273,16 @@
if ((s2=OPENSSL_malloc(sizeof *s2)) == NULL) goto err;
memset(s2,0,sizeof *s2);
+#if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
+# error "assertion failed"
+#endif
+
if ((s2->rbuf=OPENSSL_malloc(
SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
+ /* wbuf needs one byte more because when using two-byte headers,
+ * we leave the first byte unused in do_ssl_write (s2_pkt.c) */
if ((s2->wbuf=OPENSSL_malloc(
- SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
+ SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+3)) == NULL) goto err;
s->s2=s2;
ssl2_clear(s);
diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index 6081dd7..2866d61 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -541,6 +541,9 @@
{
bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
j=len+mac_size;
+ /* Two-byte headers allow for a larger record length than
+ * three-byte headers, but we can't use them if we need
+ * padding or if we have to set the escape bit. */
if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) &&
(!s->s2->escape))
{
@@ -556,25 +559,39 @@
}
else if ((bs <= 1) && (!s->s2->escape))
{
- /* len=len; */
+ /* j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
+ * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER */
s->s2->three_byte_header=0;
p=0;
}
- else /* 3 byte header */
+ else /* we may have to use a 3 byte header */
{
- /*len=len; */
+ /* If s->s2->escape is not set, then
+ * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
+ * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER. */
p=(j%bs);
p=(p == 0)?0:(bs-p);
if (s->s2->escape)
+ {
s->s2->three_byte_header=1;
+ if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
+ j=SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER;
+ }
else
s->s2->three_byte_header=(p == 0)?0:1;
}
}
+
+ /* Now
+ * j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
+ * holds, and if s->s2->three_byte_header is set, then even
+ * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
+ */
+
/* mac_size is the number of MAC bytes
* len is the number of data bytes we are going to send
* p is the number of padding bytes
- * if p == 0, it is a 2 byte header */
+ * (if it is a two-byte header, then p == 0) */
s->s2->wlength=len;
s->s2->padding=p;
diff --git a/ssl/ssl2.h b/ssl/ssl2.h
index df7d03c..f8b56af 100644
--- a/ssl/ssl2.h
+++ b/ssl/ssl2.h
@@ -134,11 +134,11 @@
/* Upper/Lower Bounds */
#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
#ifdef MPE
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER (unsigned int)29998
+#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 29998u
#else
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER (unsigned int)32767
+#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
#endif
-#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /**/
+#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
#define SSL2_CHALLENGE_LENGTH 16
/*#define SSL2_CHALLENGE_LENGTH 32 */
