Commit 1e16987f authored by Matt Caswell's avatar Matt Caswell
Browse files

Avoid an overflow in constructing the ServerKeyExchange message 



We calculate the size required for the ServerKeyExchange message and then
call BUF_MEM_grow_clean() on the buffer. However we fail to take account of
2 bytes required for the signature algorithm and 2 bytes for the signature
length, i.e. we could overflow by 4 bytes. In reality this won't happen
because the buffer is pre-allocated to a large size that means it should be
big enough anyway.

Addresses an OCAP Audit issue.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 43cb3090

ssl/statem/statem_srvr.c

+5 −0
Original line number Diff line number Diff line
@@ -1792,6 +1792,11 @@ int tls_construct_server_key_exchange(SSL *s) 
            goto f_err;

        }

        kn = EVP_PKEY_size(pkey);

        /* Allow space for signature algorithm */

        if (SSL_USE_SIGALGS(s))

            kn += 2;

        /* Allow space for signature length */

        kn += 2;

    } else {

        pkey = NULL;

        kn = 0;