mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

moving available data length check to DoHandShakeMsgType

Browse Source
This commit is contained in:
Moisés Guimarães 2014-02-17 11:33:51 -03:00
parent 95bc954273
commit 76c8146bf1
1 changed files with 12 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src/internal.c
View File

@ -70,8 +70,7 @@ CYASSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
#ifndef NO_CYASSL_CLIENT #ifndef NO_CYASSL_CLIENT
static int DoHelloVerifyRequest(CYASSL* ssl, const byte* input, word32*); static int DoHelloVerifyRequest(CYASSL* ssl, const byte* input, word32*);
static int DoServerHello(CYASSL* ssl, const byte* input, word32*, word32, static int DoServerHello(CYASSL* ssl, const byte* input, word32*, word32);
word32);
static int DoServerKeyExchange(CYASSL* ssl, const byte* input, word32*); static int DoServerKeyExchange(CYASSL* ssl, const byte* input, word32*);
#ifndef NO_CERTS #ifndef NO_CERTS
static int DoCertificateRequest(CYASSL* ssl, const byte* input,word32*); static int DoCertificateRequest(CYASSL* ssl, const byte* input,word32*);
@ -80,8 +79,7 @@ CYASSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
#ifndef NO_CYASSL_SERVER #ifndef NO_CYASSL_SERVER
static int DoClientHello(CYASSL* ssl, const byte* input, word32*, word32, static int DoClientHello(CYASSL* ssl, const byte* input, word32*, word32);
word32);
static int DoClientKeyExchange(CYASSL* ssl, byte* input, word32*, word32); static int DoClientKeyExchange(CYASSL* ssl, byte* input, word32*, word32);
#if !defined(NO_RSA) || defined(HAVE_ECC) #if !defined(NO_RSA) || defined(HAVE_ECC)
static int DoCertificateVerify(CYASSL* ssl, byte*, word32*, word32); static int DoCertificateVerify(CYASSL* ssl, byte*, word32*, word32);
@ -3724,7 +3722,12 @@ static int DoHandShakeMsgType(CYASSL* ssl, byte* input, word32* inOutIdx,
CYASSL_ENTER("DoHandShakeMsgType"); CYASSL_ENTER("DoHandShakeMsgType");
/* make sure can read the message */
if (*inOutIdx + size > totalSz)
return INCOMPLETE_DATA;
HashInput(ssl, input + *inOutIdx, size); HashInput(ssl, input + *inOutIdx, size);
#ifdef CYASSL_CALLBACKS #ifdef CYASSL_CALLBACKS
/* add name later, add on record and handshake header part back on */ /* add name later, add on record and handshake header part back on */
if (ssl->toInfoOn) { if (ssl->toInfoOn) {
@ -3779,7 +3782,7 @@ static int DoHandShakeMsgType(CYASSL* ssl, byte* input, word32* inOutIdx,
case server_hello: case server_hello:
CYASSL_MSG("processing server hello"); CYASSL_MSG("processing server hello");
ret = DoServerHello(ssl, input, inOutIdx, totalSz, size); ret = DoServerHello(ssl, input, inOutIdx, size);
break; break;
#ifndef NO_CERTS #ifndef NO_CERTS
@ -3821,7 +3824,7 @@ static int DoHandShakeMsgType(CYASSL* ssl, byte* input, word32* inOutIdx,
#ifndef NO_CYASSL_SERVER #ifndef NO_CYASSL_SERVER
case client_hello: case client_hello:
CYASSL_MSG("processing client hello"); CYASSL_MSG("processing client hello");
ret = DoClientHello(ssl, input, inOutIdx, totalSz, size); ret = DoClientHello(ssl, input, inOutIdx, size);
break; break;
case client_key_exchange: case client_key_exchange:
@ -3841,6 +3844,7 @@ static int DoHandShakeMsgType(CYASSL* ssl, byte* input, word32* inOutIdx,
default: default:
CYASSL_MSG("Unknown handshake message type"); CYASSL_MSG("Unknown handshake message type");
ret = UNKNOWN_HANDSHAKE_TYPE; ret = UNKNOWN_HANDSHAKE_TYPE;
break;
} }
CYASSL_LEAVE("DoHandShakeMsgType()", ret); CYASSL_LEAVE("DoHandShakeMsgType()", ret);
@ -7460,7 +7464,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
static int DoServerHello(CYASSL* ssl, const byte* input, word32* inOutIdx, static int DoServerHello(CYASSL* ssl, const byte* input, word32* inOutIdx,
word32 totalSz, word32 helloSz) word32 helloSz)
{ {
byte b; byte b;
ProtocolVersion pv; ProtocolVersion pv;
@ -7473,10 +7477,6 @@ static void PickHashSigAlgo(CYASSL* ssl,
if (ssl->toInfoOn) AddLateName("ServerHello", &ssl->timeoutInfo); if (ssl->toInfoOn) AddLateName("ServerHello", &ssl->timeoutInfo);
#endif #endif
/* make sure can read the server hello */
if (begin + helloSz > totalSz)
return INCOMPLETE_DATA;
/* protocol version, random and session id length check */ /* protocol version, random and session id length check */
if ((i - begin) + OPAQUE16_LEN + RAN_LEN + ENUM_LEN > helloSz) if ((i - begin) + OPAQUE16_LEN + RAN_LEN + ENUM_LEN > helloSz)
return BUFFER_ERROR; return BUFFER_ERROR;
@ -10026,7 +10026,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
static int DoClientHello(CYASSL* ssl, const byte* input, word32* inOutIdx, static int DoClientHello(CYASSL* ssl, const byte* input, word32* inOutIdx,
word32 totalSz, word32 helloSz) word32 helloSz)
{ {
byte b; byte b;
ProtocolVersion pv; ProtocolVersion pv;
@ -10039,10 +10039,6 @@ static void PickHashSigAlgo(CYASSL* ssl,
if (ssl->toInfoOn) AddLateName("ClientHello", &ssl->timeoutInfo); if (ssl->toInfoOn) AddLateName("ClientHello", &ssl->timeoutInfo);
#endif #endif
/* make sure can read the client hello */
if (begin + helloSz > totalSz)
return INCOMPLETE_DATA;
/* protocol version, random and session id length check */ /* protocol version, random and session id length check */
if ((i - begin) + OPAQUE16_LEN + RAN_LEN + ENUM_LEN > helloSz) if ((i - begin) + OPAQUE16_LEN + RAN_LEN + ENUM_LEN > helloSz)
return BUFFER_ERROR; return BUFFER_ERROR;