Skip to content

Commit e9bbefb

Browse files
committed
Go into the error state if a fatal alert is sent or received
If an application calls SSL_shutdown after a fatal alert has occured and then behaves different based on error codes from that function then the application may be vulnerable to a padding oracle. CVE-2019-1559 Reviewed-by: Richard Levitte <levitte@openssl.org>
1 parent c81f169 commit e9bbefb

File tree

2 files changed

+8
-3
lines changed

2 files changed

+8
-3
lines changed

ssl/d1_pkt.c

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1309,6 +1309,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
13091309
ERR_add_error_data(2, "SSL alert number ", tmp);
13101310
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
13111311
SSL_CTX_remove_session(s->session_ctx, s->session);
1312+
s->state = SSL_ST_ERR;
13121313
return (0);
13131314
} else {
13141315
al = SSL_AD_ILLEGAL_PARAMETER;

ssl/s3_pkt.c

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1500,6 +1500,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
15001500
ERR_add_error_data(2, "SSL alert number ", tmp);
15011501
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
15021502
SSL_CTX_remove_session(s->session_ctx, s->session);
1503+
s->state = SSL_ST_ERR;
15031504
return (0);
15041505
} else {
15051506
al = SSL_AD_ILLEGAL_PARAMETER;
@@ -1719,9 +1720,12 @@ int ssl3_send_alert(SSL *s, int level, int desc)
17191720
* protocol_version alerts */
17201721
if (desc < 0)
17211722
return -1;
1722-
/* If a fatal one, remove from cache */
1723-
if ((level == 2) && (s->session != NULL))
1724-
SSL_CTX_remove_session(s->session_ctx, s->session);
1723+
/* If a fatal one, remove from cache and go into the error state */
1724+
if (level == SSL3_AL_FATAL) {
1725+
if (s->session != NULL)
1726+
SSL_CTX_remove_session(s->session_ctx, s->session);
1727+
s->state = SSL_ST_ERR;
1728+
}
17251729

17261730
s->s3->alert_dispatch = 1;
17271731
s->s3->send_alert[0] = level;

0 commit comments

Comments
 (0)