]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f76c956)
ech_ssl_apis.c: Check some invalid argument passing
authorTomas Mraz <tomas@openssl.org>
Thu, 18 Sep 2025 16:01:49 +0000 (18:01 +0200)
committerTomas Mraz <tomas@openssl.org>
Wed, 1 Oct 2025 15:41:57 +0000 (17:41 +0200)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28611)

ssl/ech/ech_ssl_apis.c patch | blob | blame | history

diff --git a/ssl/ech/ech_ssl_apis.c b/ssl/ech/ech_ssl_apis.c
index 436e0fa71ccf9a8ad1b2dc73ab73e33cd759a0f5..45d04c616e9644333ef894967a60d1e9c5285eca 100644 (file)
--- a/ssl/ech/ech_ssl_apis.c
+++ b/ssl/ech/ech_ssl_apis.c
@@ -296,8 +296,11 @@ int SSL_ech_get1_retry_config(SSL *ssl, unsigned char **ec, size_t *eclen)
     const char *propq = NULL;
 
     s = SSL_CONNECTION_FROM_SSL(ssl);
-    if (s == NULL || ec == NULL || eclen == NULL)
+    if (s == NULL || ec == NULL || eclen == NULL
+        || s->ext.ech.returned_len > INT_MAX) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT);
         goto err;
+    }
     if (s->ext.ech.returned == NULL) {
         *ec = NULL;
         *eclen = 0;
@@ -316,7 +319,7 @@ int SSL_ech_get1_retry_config(SSL *ssl, unsigned char **ec, size_t *eclen)
         propq = s->ext.ech.es->propq;
     }
     if ((in = BIO_new(BIO_s_mem())) == NULL
-        || BIO_write(in, s->ext.ech.returned, s->ext.ech.returned_len) <= 0
+        || BIO_write(in, s->ext.ech.returned, (int)s->ext.ech.returned_len) <= 0
         || (ve = OSSL_ECHSTORE_new(libctx, propq)) == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
         goto err;
@@ -355,7 +358,7 @@ int SSL_CTX_ech_set1_outer_alpn_protos(SSL_CTX *ctx,
     if (protos == NULL)
         return 1;
     if (protos_len == 0) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_NULL_PARAMETER);
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT);
         return 0;
     }
     ctx->ext.ech.alpn_outer = OPENSSL_memdup(protos, protos_len);
@@ -413,11 +416,11 @@ int SSL_set1_ech_config_list(SSL *ssl, const uint8_t *ecl, size_t ecl_len)
         s->ext.ech.es = NULL;
         return 1;
     }
-    if (ecl_len == 0) {
-        ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
+    if (ecl_len == 0 || ecl_len > INT_MAX) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT);
         goto err;
     }
-    if ((es_in = BIO_new_mem_buf(ecl, ecl_len)) == NULL
+    if ((es_in = BIO_new_mem_buf(ecl, (int)ecl_len)) == NULL
         || (es = OSSL_ECHSTORE_new(NULL, NULL)) == NULL
         || OSSL_ECHSTORE_read_echconfiglist(es, es_in) != 1
         || SSL_set1_echstore(ssl, es) != 1) {
Mirror of https://github.com/openssl/openssl.git