Check length before reading handshake header
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 0b5f912..1cfb606 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -784,7 +784,8 @@
                                      (equal to in_left if none)       */
 #endif
 
-    size_t in_hslen;            /*!< current handshake message length */
+    size_t in_hslen;            /*!< current handshake message length,
+                                     including the handshake header   */
     int nb_zero;                /*!< # of 0-length encrypted messages */
     int record_read;            /*!< record is already present        */
 
@@ -1948,6 +1949,17 @@
     return( 5 );
 }
 
+static inline size_t ssl_hs_hdr_len( const ssl_context *ssl )
+{
+#if defined(POLARSSL_SSL_PROTO_DTLS)
+    if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
+        return( 12 );
+#else
+    ((void) ssl);
+#endif
+    return( 4 );
+}
+
 /* constant-time buffer comparison */
 static inline int safer_memcmp( const void *a, const void *b, size_t n )
 {
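Review bot: The new `ssl_hs_hdr_len()` returns the bare literals 12 and 4 with no comment saying what they measure, and the bounds check in `library/ssl_tls.c` now depends on them being right. A short comment above the function would make this auditable, for example `/* Handshake header length: 4 bytes for TLS (type + 24-bit length), 12 for DTLS (adds message_seq, fragment_offset, fragment_length) */`. Named constants instead of the literals would also keep this helper and any remaining hard-coded header sizes elsewhere from drifting apart.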
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 7b47766..5dd690b 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2338,10 +2338,16 @@
 
 static int ssl_prepare_handshake_record( ssl_context *ssl )
 {
-    ssl->in_hslen  = ssl->transport == SSL_TRANSPORT_DATAGRAM ? 12 : 4;
-    ssl->in_hslen += ( ssl->in_msg[1] << 16 ) |
-                     ( ssl->in_msg[2] << 8  ) |
-                       ssl->in_msg[3];
+    if( ssl->in_msglen < ssl_hs_hdr_len( ssl ) )
+    {
+        SSL_DEBUG_MSG( 1, ( "handshake message too short: %d",
+                            ssl->in_msglen ) );
+    }
+
+    ssl->in_hslen = ssl_hs_hdr_len( ssl ) + (
+                    ( ssl->in_msg[1] << 16 ) |
+                    ( ssl->in_msg[2] << 8  ) |
+                      ssl->in_msg[3] );
 
     SSL_DEBUG_MSG( 3, ( "handshake message: msglen ="
                         " %d, type = %d, hslen = %d",
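Review bot: The length check added at the top of `ssl_prepare_handshake_record` only logs. The `if` body has no return, so a record shorter than the handshake header still falls through to the reads of `ssl->in_msg[1]` through `ssl->in_msg[3]` and to the `in_hslen` computation that the check was meant to guard. The branch should reject the record after the debug message, e.g. `return( POLARSSL_ERR_SSL_INVALID_RECORD );`. Separately, if `in_msglen` is a `size_t` like `in_hslen`, passing it to `%d` is a format mismatch, so cast it or use a matching specifier. The function body continues past the end of this hunk, so later uses of `in_hslen` could not be checked here.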