Commit 34e3edbf authored by Dr. Stephen Henson's avatar Dr. Stephen Henson Committed by Matt Caswell

Fix for CVE-2015-0291



If a client renegotiates using an invalid signature algorithms extension
it will crash a server with a NULL pointer dereference.

Thanks to David Ramos of Stanford University for reporting this bug.

CVE-2015-0291

Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
parent 09f06923
+10 −6
@@ -2693,6 +2693,7 @@ int tls1_set_server_sigalgs(SSL *s)
    if (s->cert->shared_sigalgs) {
        OPENSSL_free(s->cert->shared_sigalgs);
        s->cert->shared_sigalgs = NULL;
        s->cert->shared_sigalgslen = 0;
    }
    /* Clear certificate digests and validity flags */
    for (i = 0; i < SSL_PKEY_NUM; i++) {
@@ -3396,6 +3397,7 @@ static int tls1_set_shared_sigalgs(SSL *s)
    if (c->shared_sigalgs) {
        OPENSSL_free(c->shared_sigalgs);
        c->shared_sigalgs = NULL;
        c->shared_sigalgslen = 0;
    }
    /* If client use client signature algorithms if not NULL */
    if (!s->server && c->client_sigalgs && !is_suiteb) {
@@ -3418,12 +3420,14 @@ static int tls1_set_shared_sigalgs(SSL *s)
        preflen = c->peer_sigalgslen;
    }
    nmatch = tls12_shared_sigalgs(s, NULL, pref, preflen, allow, allowlen);
    if (!nmatch)
        return 1;
    if (nmatch) {
        salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS));
        if (!salgs)
            return 0;
        nmatch = tls12_shared_sigalgs(s, salgs, pref, preflen, allow, allowlen);
    } else {
        salgs = NULL;
    }
    c->shared_sigalgs = salgs;
    c->shared_sigalgslen = nmatch;
    return 1;
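Review bot: Nothing in the code records that `shared_sigalgs` and `shared_sigalgslen` must change together, although that pairing looks like the substance of this fix. The reset blocks in tls1_set_server_sigalgs and tls1_set_shared_sigalgs both set `shared_sigalgslen = 0` next to the NULL assignment, and the tail of tls1_set_shared_sigalgs stores a NULL pointer with a zero count when nothing matches. I would put a comment above each reset, for example `/* Keep shared_sigalgs and shared_sigalgslen in step: a non-zero length with a NULL pointer is dereferenced later (CVE-2015-0291). */`; the "dereferenced later" part is inferred from the commit message, since the code that reads the list is outside these hunks. The `return 0` on allocation failure is only safe because that earlier reset has already cleared both fields, which also deserves a short comment. Both functions begin outside the hunks shown, and the page does not mark which lines are additions.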