Permalink
Browse files

- Merged security fixes to 1.1 branch

1 parent e2e36d3 commit e2f8ff67972a85bfc748b16b7128fee08c4dd4c0 Paul Bakker committed Apr 20, 2012
Showing with 19 additions and 10 deletions.
  1. +6 −0 ChangeLog
  2. +2 −2 library/bignum.c
  3. +4 −8 library/dhm.c
  4. +7 −0 library/ssl_tls.c
View
@@ -1,5 +1,11 @@
PolarSSL ChangeLog
+= Version 1.1.2 released on 2012-04-20
+Security
+ * Fixed potential memory corruption on miscrafted client messages (found by
+ Frama-C team at CEA LIST)
+ * Fixed generate of DHM parameters to correct length
+
= Version 1.1.1 released on 2012-01-23
Bugfix
* Check for failed malloc() in ssl_set_hostname() and x509_get_entries()
View
@@ -1813,7 +1813,7 @@ int mpi_is_prime( mpi *X,
/*
* pick a random A, 1 < A < |X| - 1
*/
- MPI_CHK( mpi_fill_random( &A, X->n, f_rng, p_rng ) );
+ MPI_CHK( mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) );
if( mpi_cmp_mpi( &A, &W ) >= 0 )
{
@@ -1885,7 +1885,7 @@ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
n = BITS_TO_LIMBS( nbits );
- MPI_CHK( mpi_fill_random( X, n, f_rng, p_rng ) );
+ MPI_CHK( mpi_fill_random( X, n * ciL, f_rng, p_rng ) );
k = mpi_msb( X );
if( k < nbits ) MPI_CHK( mpi_shift_l( X, nbits - k ) );
View
@@ -130,16 +130,14 @@ int dhm_make_params( dhm_context *ctx, int x_size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
- int ret, n;
+ int ret;
size_t n1, n2, n3;
unsigned char *p;
/*
* Generate X as large as possible ( < P )
*/
- n = x_size / sizeof( t_uint ) + 1;
-
- mpi_fill_random( &ctx->X, n, f_rng, p_rng );
+ mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
mpi_shift_r( &ctx->X, 1 );
@@ -207,17 +205,15 @@ int dhm_make_public( dhm_context *ctx, int x_size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
- int ret, n;
+ int ret;
if( ctx == NULL || olen < 1 || olen > ctx->len )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
/*
* generate X and calculate GX = G^X mod P
*/
- n = x_size / sizeof( t_uint ) + 1;
-
- mpi_fill_random( &ctx->X, n, f_rng, p_rng );
+ mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
mpi_shift_r( &ctx->X, 1 );
View
@@ -785,6 +785,13 @@ static int ssl_decrypt_buf( ssl_context *ssl )
/*
* Always compute the MAC (RFC4346, CBCTIME).
*/
+ if( ssl->in_msglen <= ssl->maclen + padlen )
+ {
+ SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)",
+ ssl->in_msglen, ssl->maclen, padlen ) );
+ return( POLARSSL_ERR_SSL_INVALID_MAC );
+ }
+
ssl->in_msglen -= ( ssl->maclen + padlen );
ssl->in_hdr[3] = (unsigned char)( ssl->in_msglen >> 8 );

0 comments on commit e2f8ff6

Please sign in to comment.