Fix seg fault with 0 p val in SKE (ada57746) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/s3_clnt.c

+16 −0

Original line number	Diff line number	Diff line
		@@ -1699,6 +1699,12 @@ int ssl3_get_key_exchange(SSL *s)
		}
		p += i;

		if (BN_is_zero(dh->p)) {
		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_VALUE);
		goto f_err;
		}


		if (2 > n - param_len) {
		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
		goto f_err;
		@@ -1719,6 +1725,11 @@ int ssl3_get_key_exchange(SSL *s)
		}
		p += i;

		if (BN_is_zero(dh->g)) {
		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_VALUE);
		goto f_err;
		}

		if (2 > n - param_len) {
		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
		goto f_err;
		@@ -1740,6 +1751,11 @@ int ssl3_get_key_exchange(SSL *s)
		p += i;
		n -= param_len;

		if (BN_is_zero(dh->pub_key)) {
		SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_VALUE);
		goto f_err;
		}

		# ifndef OPENSSL_NO_RSA
		if (alg_a & SSL_aRSA)
		pkey =

+3 −0

Original line number	Diff line number	Diff line
		@@ -2846,8 +2846,11 @@ void ERR_load_SSL_strings(void);
		# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
		# define SSL_R_BAD_DECOMPRESSION 107
		# define SSL_R_BAD_DH_G_LENGTH 108
		# define SSL_R_BAD_DH_G_VALUE 375
		# define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
		# define SSL_R_BAD_DH_PUB_KEY_VALUE 393
		# define SSL_R_BAD_DH_P_LENGTH 110
		# define SSL_R_BAD_DH_P_VALUE 395
		# define SSL_R_BAD_DIGEST_LENGTH 111
		# define SSL_R_BAD_DSA_SIGNATURE 112
		# define SSL_R_BAD_ECC_CERT 304

+3 −0

Original line number	Diff line number	Diff line
		@@ -386,8 +386,11 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
		"bad data returned by callback"},
		{ERR_REASON(SSL_R_BAD_DECOMPRESSION), "bad decompression"},
		{ERR_REASON(SSL_R_BAD_DH_G_LENGTH), "bad dh g length"},
		{ERR_REASON(SSL_R_BAD_DH_G_VALUE), "bad dh g value"},
		{ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH), "bad dh pub key length"},
		{ERR_REASON(SSL_R_BAD_DH_PUB_KEY_VALUE), "bad dh pub key value"},
		{ERR_REASON(SSL_R_BAD_DH_P_LENGTH), "bad dh p length"},
		{ERR_REASON(SSL_R_BAD_DH_P_VALUE), "bad dh p value"},
		{ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
		{ERR_REASON(SSL_R_BAD_DSA_SIGNATURE), "bad dsa signature"},
		{ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},