OpenSSL Security Advisory [30 July 2002]
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 270afb8..782b57f 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -123,6 +123,7 @@
#include <openssl/x509.h>
#include <openssl/krb5_asn.h>
#include <openssl/md5.h>
+#include "cryptlib.h"
static SSL_METHOD *ssl3_get_server_method(int ver);
static int ssl3_get_client_hello(SSL *s);
@@ -964,6 +965,7 @@
s->session->session_id_length=0;
sl=s->session->session_id_length;
+ die(sl <= sizeof s->session->session_id);
*(p++)=sl;
memcpy(p,s->session->session_id,sl);
p+=sl;
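Review bot: The added `die(sl <= sizeof s->session->session_id);` protects the `memcpy` below by terminating rather than by failing the handshake. Its definition in cryptlib.h is not visible here, but if it aborts as the name suggests, a bad session-id length takes the whole server process down instead of one connection. Prefer reporting an internal error and returning failure, for example `if (sl > sizeof s->session->session_id) { SSLerr(<FUNCTION_CODE_PLACEHOLDER>, ERR_R_INTERNAL_ERROR); return -1; }`, adjusted to the enclosing function's return convention. That function starts and ends outside this hunk, so the declared type of `sl` and the correct error path need to be confirmed there.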
@@ -1559,8 +1561,8 @@
EVP_CIPHER *enc = NULL;
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH
- + EVP_MAX_IV_LENGTH + 1];
- int padl, outl = sizeof(pms);
+ + EVP_MAX_BLOCK_LENGTH];
+ int padl, outl;
krb5_timestamp authtime = 0;
krb5_ticket_times ttimes;
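Review bot: The resized `pms` declaration does not say why the slack is now `EVP_MAX_BLOCK_LENGTH`, and `outl` has lost its initialiser. A short comment above the array, such as `/* premaster secret plus up to one cipher block that the decrypt calls may write */`, would tie the bound to the decryption code so a later edit does not shrink it again. The calls that assign `outl` are outside this hunk, so it is worth confirming that every path writes `outl` before reading it.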
@@ -1583,6 +1585,16 @@
enc_pms.data = (char *)p;
p+=enc_pms.length;
+ /* Note that the length is checked again below,
+ ** after decryption
+ */
+ if(enc.pms_length > sizeof pms)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_DATA_LENGTH_TOO_LONG);
+ goto err;
+ }
+
if (n != enc_ticket.length + authenticator.length +
enc_pms.length + 6)
{
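Review bot: The new bound check `if(enc.pms_length > sizeof pms)` names a member that does not exist. `enc` appears to be the `EVP_CIPHER *enc` declared in the previous hunk, while the length consumed two lines earlier is `enc_pms.length`. As written this branch should not compile where it is built, so the check that keeps the encrypted premaster secret within `pms` never takes effect. The line should read `if (enc_pms.length > sizeof pms)`. The enclosing function continues outside this hunk, including the second length check that the added comment refers to.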