TLS: Fix unsigned int underflow in internal TLS 1.0/1.1 implementation

Taking sizeof(ptr) is incorrect to determine size of passed in hash and
results in hlen getting set to a very large value since MD5_MAC_LEN >
sizeof(ptr). Provide the actual size of the hash buffer from the caller
to fix this.

tls_key_x_server_params_hash() callers src/tls/tlsv1_client_read.c and
src/tls/tlsv1_server_write.c both pass in a large enough hash (hash[64]
or hash[100]) that this does not appear to have an impact, though it is
still wrong.

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
This commit is contained in:
Glenn Strauss
2022-11-08 00:05:54 -05:00
committed by Sarvesh Bodakhe
parent b58dbf2808
commit b3e4aae7bb
4 changed files with 9 additions and 5 deletions

View File

@@ -380,7 +380,7 @@ int tlsv12_key_x_server_params_hash(u16 tls_version, u8 hash_alg,
int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random,
const u8 *server_random,
const u8 *server_params,
size_t server_params_len, u8 *hash)
size_t server_params_len, u8 *hash, size_t hsz)
{
u8 *hpos;
size_t hlen;
@@ -395,6 +395,8 @@ int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random,
crypto_hash_update(ctx, server_random, TLS_RANDOM_LEN);
crypto_hash_update(ctx, server_params, server_params_len);
hlen = MD5_MAC_LEN;
if (hsz < hlen)
return -1;
if (crypto_hash_finish(ctx, hash, &hlen) < 0)
return -1;
hpos += hlen;
@@ -405,7 +407,7 @@ int tls_key_x_server_params_hash(u16 tls_version, const u8 *client_random,
crypto_hash_update(ctx, client_random, TLS_RANDOM_LEN);
crypto_hash_update(ctx, server_random, TLS_RANDOM_LEN);
crypto_hash_update(ctx, server_params, server_params_len);
hlen = hash + sizeof(hash) - hpos;
hlen = hsz - hlen;
if (crypto_hash_finish(ctx, hpos, &hlen) < 0)
return -1;
hpos += hlen;