Skip to content

Commit

Permalink
Merge pull request #495 from tlsfuzzer/ccs-fix
Browse files Browse the repository at this point in the history 
detect malformed CCS messages
  • Loading branch information
@tomato42
tomato42 committed Jul 31, 2023
2 parents b0afe1c + 85e18a3 commit 3657285
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 0 deletions.
2 changes: 2 additions & 0 deletions tlslite/messages.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1898,6 +1898,8 @@ def parse(self, p):
p.setLengthCheck(1)
self.type = p.get(1)
p.stopLengthCheck()
if p.getRemainingLength():
raise DecodeError("Multi-byte CCS message")
return self

def write(self):
Expand Down
8 changes: 8 additions & 0 deletions unit_tests/test_tlslite_messages.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3278,6 +3278,14 @@ def test_parse(self):
self.assertIsInstance(ccs, ChangeCipherSpec)
self.assertEqual(ccs.type, 1)

def test_parse_wrong_size(self):
parser = Parser(bytearray(b'\x01\x01'))

ccs = ChangeCipherSpec()

with self.assertRaises(SyntaxError):
ccs.parse(parser)


class TestNextProtocol(unittest.TestCase):
def test___init__(self):
Expand Down

0 comments on commit 3657285

Please sign in to comment.