git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Antonio Quartulli <a@unstable.cc>
	Tue, 28 Jun 2022 09:41:44 +0000 (11:41 +0200)
committer	Gert Doering <gert@greenie.muc.de>
	Tue, 28 Jun 2022 15:23:25 +0000 (17:23 +0200)
commit	462339a45089ef655faf02232d7d792def9b8afb
tree	6695ec282cc8c104c6bb5bfa227da8f48e187648	tree
parent	2a02c90a4501b04a43a25824fe9f7b980e10fc40	commit \| diff

tls-crypt-v2: bail out if the client key is too small

The tls-crypt-v2 key should be at least 2 bytes long in order to read
the actual length. Bail out if the key is too short.

This looks like it could be abused to trigger a read of uninitialized
memory, but after close checking it won't:

  We read from BEND(), so this is defined for TCP since the minimum
  length there is 3 bytes (pkt len + opcode)

  For UDP we might read past the beginning of the packet but since they
  are buffers coming from the packet stack we have the headroom/tailroom,
  so might read some random data (but not out of bound!).

  So we copy some more or less random number into net_len/wkc_len but without
  actually reading from undefined memory.

  The next line will then almost definitively fail (buf_advance()).

While at it improve the error message a bit.

Signed-off-by: Antonio Quartulli <a@unstable.cc>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20220628094144.17471-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg24580.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>