Skip to content


Browse files Browse the repository at this point in the history
ssl sigalg extension: fix NULL pointer dereference
As the variable peer_sigalgslen is not cleared on ssl rehandshake, it's
possible to crash an openssl tls secured server remotely by sending a
manipulated hello message in a rehandshake.

On such a manipulated rehandshake, tls1_set_shared_sigalgs() calls
tls12_shared_sigalgs() with the peer_sigalgslen of the previous
handshake, while the peer_sigalgs has been freed.
As a result tls12_shared_sigalgs() walks over the available
peer_sigalgs and tries to access data of a NULL pointer.

This issue was introduced by c589c34 (Add support for the TLS 1.3
signature_algorithms_cert extension, 2018-01-11).

Signed-off-by: Peter Kästle <>
Signed-off-by: Samuel Sapalski <>


CLA: trivial

Reviewed-by: Tomas Mraz <>
Reviewed-by: Paul Dale <>
Reviewed-by: Matt Caswell <>
  • Loading branch information
Peter Kaestle authored and mattcaswell committed Mar 25, 2021
1 parent 3ff3862 commit fb9fa6b
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions ssl/statem/extensions.c
Expand Up @@ -1139,6 +1139,7 @@ static int init_sig_algs(SSL *s, unsigned int context)
/* Clear any signature algorithms extension received */
s->s3->tmp.peer_sigalgs = NULL;
s->s3->tmp.peer_sigalgslen = 0;

return 1;
Expand Down

0 comments on commit fb9fa6b

Please sign in to comment.