Commit fc4c15fa authored by Matt Caswell's avatar Matt Caswell

TLSv1.3 alert and handshake messages can never be 0 length



We abort if we read a message like this.

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3436)
parent 0b367d79
+9 −0
@@ -644,6 +644,15 @@ int ssl3_get_record(SSL *s)
                                &thisrr->data[end], 1, s, s->msg_callback_arg);
        }

        if (SSL_IS_TLS13(s)
                && (thisrr->type == SSL3_RT_HANDSHAKE
                    || thisrr->type == SSL3_RT_ALERT)
                && thisrr->length == 0) {
            al = SSL_AD_UNEXPECTED_MESSAGE;
            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BAD_LENGTH);
            goto f_err;
        }

        if (thisrr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
            al = SSL_AD_RECORD_OVERFLOW;
            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG);
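Review bot: The added `thisrr->length == 0` check has no comment, so a reader cannot tell why only `SSL3_RT_HANDSHAKE` and `SSL3_RT_ALERT` are rejected, or that the test is meant to run on the inner plaintext. It sits right after the `msg_callback` call that closes the preceding block, which suggests `thisrr->type` and `thisrr->length` are already the post-decryption values with padding stripped. If so, a record made up only of padding is caught here, and that ordering dependency is worth stating so the check is not later moved ahead of the padding removal. I would add above the `if`: `/* TLSv1.3: handshake and alert records must not be empty once padding is removed; zero-length application data is not rejected here */`. `ssl3_get_record` starts and ends outside this hunk, and no test for the new abort path is visible on this page.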