Implement known-IV countermeasure.
Fix length checks in ssl3_get_client_hello().
Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index d6247a6..99b6a86 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -727,7 +727,7 @@
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
goto f_err;
}
- if ((i+p) > (d+n))
+ if ((p+i) >= (d+n))
{
/* not enough data */
al=SSL_AD_DECODE_ERROR;
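Review bot: The bound in the new condition is still computed as a pointer, `p+i`, where `i` is the client-supplied cipher-suite length read from the hello; when `i` exceeds the bytes left in the record, that addition forms a pointer well past the end of the buffer, which C leaves undefined and which an optimizer may reason about. Comparing lengths instead avoids ever forming the out-of-range pointer, `if (i >= (d+n)-p)` (assuming `p` has not already passed `d+n`), and keeps the commit's intent that at least one byte, the compression-method count read right after the cipher list, must still follow. The compression-length check added in the second hunk has the same shape and would take the same rewrite. ssl3_get_client_hello() starts and continues outside this hunk.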
@@ -784,6 +784,13 @@
/* compression */
i= *(p++);
+ if ((p+i) > (d+n))
+ {
+ /* not enough data */
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
q=p;
for (j=0; j<i; j++)
{
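Review bot: The new length check rejects a compression list that overruns the record but not an empty one: with `i == 0` the `for (j=0; j<i; j++)` loop below runs zero times and the handshake continues with no compression method having been offered. Whether that is caught later is not visible here, since the function continues past the hunk; if it is not, a second guard mirroring the new block, `if (i == 0) { al=SSL_AD_DECODE_ERROR; /* set an appropriate reason code */ goto f_err; }`, would make the rejection explicit rather than relying on downstream handling. Separately, this block is a verbatim copy of the cipher-list check above it; factoring the bound into one small static helper would keep the two checks from drifting apart.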
@@ -831,7 +838,7 @@
/* TLS does not mind if there is extra stuff */
if (s->version == SSL3_VERSION)
{
- if (p > (d+n))
+ if (p < (d+n))
{
/* wrong number of bytes,
* there could be more to follow */
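Review bot: The comment on the last two lines no longer describes the condition: after the inversion the branch fires when bytes remain after the compression list, not when the record ran short, and "there could be more to follow" now reads as if trailing data were expected. Suggest `/* trailing bytes after the compression list: an SSLv3 ClientHello must end here, so treat it as a length mismatch */`, which also makes clear why the TLS case mentioned just above is exempt. ssl3_get_client_hello() continues past the hunk, so the branch body and any TLS handling are not visible here.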