Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixes and cleanup for handling of sig/algo #1231

Merged
merged 4 commits into from Nov 14, 2017
Merged
Diff settings

Always

Just for now

Fix to make sure provided sigalgo list doesn't overflow the buffer.

  • Loading branch information...
dgarske committed Nov 13, 2017
commit 9f7e40ad5c8097ff38d7caff4a9989db260981cc
Copy path View file
@@ -4906,8 +4906,11 @@ static int TLSX_SignatureAlgorithms_Parse(WOLFSSL *ssl, byte* input,
if (length != OPAQUE16_LEN + len)
return BUFFER_ERROR;

XMEMCPY(suites->hashSigAlgo, input, len);
/* truncate hashSigAlgo list if too long */
suites->hashSigAlgoSz = len;
if (suites->hashSigAlgoSz > WOLFSSL_MAX_SIGALGO)

This comment has been minimized.

@dgarske

dgarske Nov 14, 2017

Author Contributor

Note: Add WOLFSSL_MSG here to help with debug.

suites->hashSigAlgoSz = WOLFSSL_MAX_SIGALGO;
XMEMCPY(suites->hashSigAlgo, input, suites->hashSigAlgoSz);

return TLSX_SignatureAlgorithms_MapPss(ssl, input, len);
}
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.