Commit 77857ddc authored by Matt Caswell

Avoid an overflow in constructing the ServerKeyExchange message
We calculate the size required for the ServerKeyExchange message and then
call BUF_MEM_grow_clean() on the buffer. However, we fail to take account of
2 bytes required for the signature algorithm and 2 bytes for the signature
length, i.e. we could overflow by 4 bytes. In reality this won't happen
because the buffer is pre-allocated to a large size that means it should be
big enough anyway.

Addresses an OCAP Audit issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
parent cbffd2d9
+5 −0
@@ -1872,6 +1872,11 @@ int ssl3_send_server_key_exchange(SSL *s)
                goto f_err;
            }
            kn = EVP_PKEY_size(pkey);
            /* Allow space for signature algorithm */
            if (SSL_USE_SIGALGS(s))
                kn += 2;
            /* Allow space for signature length */
            kn += 2;
        } else {
            pkey = NULL;
            kn = 0;
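Review bot: the two `kn += 2` additions reserve space for the 2-byte signature algorithm (only under `SSL_USE_SIGALGS(s)`) and the 2-byte signature length, but nothing in the hunk ties this reservation to the bytes actually written later in the function, so the same mismatch the commit message describes could silently return with a future change to the wire format. Consider adding, after the signature is written, a check that the final offset does not exceed the size passed to `BUF_MEM_grow_clean()` (returning an error rather than relying on the pre-allocated buffer being "big enough anyway"), and noting next to `kn = EVP_PKEY_size(pkey);` that this value is an upper bound on the signature size rather than the exact length.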