From: Nikos Mavrogiannopoulos Date: Thu, 22 May 2014 07:21:20 +0000 (+0200) Subject: When assigning the TLS version, double check that it is valid. X-Git-Tag: gnutls_3_3_3~36 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=31e1ccb50e0817e5cbcf41733875ae2ee987324c;p=thirdparty%2Fgnutls.git When assigning the TLS version, double check that it is valid. --- diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index d985948548..8b4222b53a 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -168,10 +168,11 @@ static int resume_copy_required_values(gnutls_session_t session) NULL) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - _gnutls_set_current_version(session, + if (_gnutls_set_current_version(session, session->internals. resumed_security_parameters.pversion-> - id); + id) < 0) + return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET); session->security_parameters.cert_type = session->internals.resumed_security_parameters.cert_type; @@ -419,7 +420,8 @@ _gnutls_negotiate_version(gnutls_session_t session, ret = adv_version; } - _gnutls_set_current_version(session, ret); + if (_gnutls_set_current_version(session, ret) < 0) + return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET); return ret; } @@ -1724,7 +1726,8 @@ _gnutls_read_server_hello(gnutls_session_t session, gnutls_assert(); return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; } else { - _gnutls_set_current_version(session, version); + if (_gnutls_set_current_version(session, version) < 0) + return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET); } pos += 2; @@ -1955,7 +1958,8 @@ static int _gnutls_send_client_hello(gnutls_session_t session, int again) * (RSA uses it). */ set_adv_version(session, hver->major, hver->minor); - _gnutls_set_current_version(session, hver->id); + if (_gnutls_set_current_version(session, hver->id) < 0) + return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET); if (session->internals.priorities.ssl3_record_version != 0) { /* Advertize the SSL 3.0 record packet version in diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index c5d238d731..490ccbe907 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -1040,16 +1040,21 @@ inline static unsigned get_num_version(gnutls_session_t session) void _gnutls_priority_update_fips(void); -#define _gnutls_set_current_version(s, v) { \ - s->security_parameters.pversion = version_to_entry(v); \ - } - #define timespec_sub_ms _gnutls_timespec_sub_ms unsigned int /* returns a-b in ms */ timespec_sub_ms(struct timespec *a, struct timespec *b); #include +inline static int _gnutls_set_current_version(gnutls_session_t s, unsigned v) +{ + s->security_parameters.pversion = version_to_entry(v); + if (s->security_parameters.pversion == NULL) { + return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; + } + return 0; +} + inline static size_t max_user_send_size(gnutls_session_t session, record_parameters_st * record_params) diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index 941679750e..916ce850e4 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c @@ -199,7 +199,8 @@ int gnutls_protocol_set_priority(gnutls_session_t session, const int *list) /* set the current version to the first in the chain. * This will be overridden later. */ - _gnutls_set_current_version(session, list[0]); + if (_gnutls_set_current_version(session, list[0]) < 0) + return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET); } return 0; @@ -615,10 +616,13 @@ gnutls_priority_set(gnutls_session_t session, gnutls_priority_t priority) /* set the current version to the first in the chain. * This will be overridden later. */ - if (session->internals.priorities.protocol.algorithms > 0) - _gnutls_set_current_version(session, + if (session->internals.priorities.protocol.algorithms > 0) { + if (_gnutls_set_current_version(session, session->internals.priorities. - protocol.priority[0]); + protocol.priority[0]) < 0) { + return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET); + } + } if (session->internals.priorities.protocol.algorithms == 0 || session->internals.priorities.cipher.algorithms == 0 ||