Permalink
Browse files
Go into the error state if a fatal alert is sent or received
If an application calls SSL_shutdown after a fatal alert has occured and
then behaves different based on error codes from that function then the
application may be vulnerable to a padding oracle.
CVE-2019-1559
Reviewed-by: Richard Levitte <levitte@openssl.org>
Loading branch information...
Showing
2 changed files
with
8 additions
and
3 deletions .
+1
−0
ssl/d1_pkt.c
+7
−3
ssl/s3_pkt.c
@@ -1309,6 +1309,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
ERR_add_error_data (2 , " SSL alert number "
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
SSL_CTX_remove_session (s->session_ctx , s->session );
s->state = SSL_ST_ERR;
return (0 );
} else {
al = SSL_AD_ILLEGAL_PARAMETER;
@@ -1500,6 +1500,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
ERR_add_error_data (2 , " SSL alert number "
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
SSL_CTX_remove_session (s->session_ctx , s->session );
s->state = SSL_ST_ERR;
return (0 );
} else {
al = SSL_AD_ILLEGAL_PARAMETER;
@@ -1719,9 +1720,12 @@ int ssl3_send_alert(SSL *s, int level, int desc)
* protocol_version alerts */
if (desc < 0 )
return -1 ;
/* If a fatal one, remove from cache */
if ((level == 2 ) && (s->session != NULL ))
SSL_CTX_remove_session (s->session_ctx , s->session );
/* If a fatal one, remove from cache and go into the error state */
if (level == SSL3_AL_FATAL) {
if (s->session != NULL )
SSL_CTX_remove_session (s->session_ctx , s->session );
s->state = SSL_ST_ERR;
}
s->s3 ->alert_dispatch = 1 ;
s->s3 ->send_alert [0 ] = level;
Toggle all file notes
0 comments on commit
e9bbefb